www.abbynews.com Open in urlscan Pro
52.222.214.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://abbynews.com/
Effective URL:
http://www.abbynews.com/
Submission Tags: tranco_l324
Submission: On November 19 via api (November 19th 2021, 1:45:54 am UTC) from DE — Scanned from DE

Summary HTTP 300 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 53 domains to perform 300 HTTP transactions. The main IP is 52.222.214.75, located in United States and belongs to AMAZON-02, US. The main domain is www.abbynews.com.

This is the only time www.abbynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	146.148.100.136 146.148.100.136	15169 (GOOGLE) (GOOGLE)
2 35	52.222.214.75 52.222.214.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1 3	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
1 7	104.111.214.80 104.111.214.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:4800:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:a000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 4	2600:9000:224... 2600:9000:2240:6200:16:8147:1b00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	66.209.187.158 66.209.187.158	40438 (CANHOST-INC) (CANHOST-INC)
34	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	52.6.232.190 52.6.232.190	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
9	2600:9000:223... 2600:9000:223e:9800:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3030::6815:251b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
1	13.32.99.88 13.32.99.88	16509 (AMAZON-02) (AMAZON-02)
3	18.66.122.126 18.66.122.126	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	2600:1f18:612... 2600:1f18:612b:4216:faf1:9619:7fb0:de49	14618 (AMAZON-AES) (AMAZON-AES)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.71.161.21 35.71.161.21	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.5 13.32.121.5	16509 (AMAZON-02) (AMAZON-02)
1	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
1 1	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
1 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	91.228.74.226 91.228.74.226	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
8	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
2	52.218.40.250 52.218.40.250	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
6	52.222.214.123 52.222.214.123	16509 (AMAZON-02) (AMAZON-02)
6	23.111.9.203 23.111.9.203	33438 (HIGHWINDS2) (HIGHWINDS2)
2	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
4	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
4	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	() ()
1	35.244.174.68 35.244.174.68	() ()
1	104.89.42.102 104.89.42.102	() ()
1	35.176.195.187 35.176.195.187	() ()
1	3.127.253.208 3.127.253.208	() ()
1	52.208.138.90 52.208.138.90	() ()
300	67

3 146.148.100.136 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 136.100.148.146.bc.googleusercontent.com

abbynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.canadianevergreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.westcoasttraveller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 52.222.214.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-75.fra56.r.cloudfront.net

www.abbynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.214.80 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com

oap.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vortex.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

image.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:6200:16:8147:1b00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

files.dosomegood.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.209.187.158 (Kelowna, Canada)

ASN40438 (CANHOST-INC, CA)
PTR: host-66-209-187-158.canhost.ca

api.dosomegood.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.232.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-232-190.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:223e:9800:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-88.fra60.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.126 (United States)

ASN16509 (AMAZON-02, US)

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.143 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:faf1:9619:7fb0:de49 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.161.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

ie1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-5.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

ad8.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.178.130.209 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu

creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.66.20 (Germany) 1 redirects

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.226 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.40.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.111.9.203 (United States)

ASN33438 (HIGHWINDS2, US)

tqe36.flx10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (None, )

ASN- ()

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.102 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.195.187 (None, )

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.253.208 (None, )

ASN- ()

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (None, )

ASN- ()

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com tpc.googlesyndication.com aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com pagead2.googlesyndication.com	283 KB
41	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net Failed cm.g.doubleclick.net stats.g.doubleclick.net	377 KB
36	abbynews.com 3 redirects abbynews.com www.abbynews.com	1 MB
14	adform.net 2 redirects track.adform.net c1.adform.net s1.adform.net	138 KB
11	googletagservices.com www.googletagservices.com	390 KB
9	analyticssystems.net analyticssystems.net	4 KB
9	cloudfront.net d3plfjw9uod7ab.cloudfront.net	207 KB
9	google.com adservice.google.com www.google.com	2 KB
8	2mdn.net s0.2mdn.net	414 KB
8	google-analytics.com www.google-analytics.com	59 KB
8	googleapis.com ajax.googleapis.com fonts.googleapis.com	85 KB
7	gstatic.com fonts.gstatic.com	33 KB
7	dosomegood.ca 1 redirects files.dosomegood.ca api.dosomegood.ca	846 KB
7	accuweather.com 1 redirects oap.accuweather.com vortex.accuweather.com www.accuweather.com	120 KB
6	flx10.com tqe36.flx10.com	149 KB
6	trustarc.com choices.trustarc.com	17 KB
6	openx.net 1 redirects us-u.openx.net eu-u.openx.net	1 KB
6	google.de adservice.google.de www.google.de	2 KB
6	googletagmanager.com www.googletagmanager.com	201 KB
5	ad-srv.net 1 redirects ad.ad-srv.net ad8.ad-srv.net	8 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	freeskreen.com static.freeskreen.com sb.freeskreen.com	34 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net ad.crwdcntrl.net bcp.crwdcntrl.net	14 KB
3	mlsat02.de 2 redirects creative.mlsat02.de tracking.mlsat02.de	1 KB
3	smartadserver.com 2 redirects ww1772.smartadserver.com sync.smartadserver.com	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	amazonaws.com rechtstexte.s3.amazonaws.com	86 KB
2	awin1.com 1 redirects www.awin1.com	798 B
2	adsrvr.org ie1-bid.adsrvr.org match.adsrvr.org	2 KB
2	tremorhub.com 1 redirects scm.publishers.tremorhub.com	466 B
2	chartbeat.net ping.chartbeat.net	588 B
1	ml314.com ml314.com	422 B
1	sharethis.com sync.sharethis.com	232 B
1	agkn.com aa.agkn.com	415 B
1	bluekai.com tags.bluekai.com	304 B
1	rlcdn.com idsync.rlcdn.com	417 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	artefact.com aaa.artefact.com	1023 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	644 B
1	telekom.de 1 redirects ebs08.telekom.de	723 B
1	truste.com choices.truste.com	9 KB
1	exelator.com loadeu.exelator.com	324 B
1	admanmedia.com 1 redirects cs.admanmedia.com	443 B
1	chartbeat.com static.chartbeat.com	14 KB
1	jwplatform.com content.jwplatform.com	41 KB
1	issuu.com image.issuu.com	30 KB
1	westcoasttraveller.com www.westcoasttraveller.com	250 KB
1	canadianevergreen.com www.canadianevergreen.com	120 KB
1	fastly.net includemodal.global.ssl.fastly.net	55 KB
0	thrtle.com Failed thrtle.com Failed
0	nr-data.net Failed bam-cell.nr-data.net Failed
0	yahooapis.com Failed query.yahooapis.com Failed
300	53

	Domain	Requested by
35	www.abbynews.com	2 redirects www.abbynews.com
34	securepubads.g.doubleclick.net	www.googletagservices.com www.abbynews.com securepubads.g.doubleclick.net dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.abbynews.com aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com tpc.googlesyndication.com
11	www.googletagservices.com	www.abbynews.com securepubads.g.doubleclick.net aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
9	analyticssystems.net	www.abbynews.com dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
9	d3plfjw9uod7ab.cloudfront.net	securepubads.g.doubleclick.net dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
8	s1.adform.net	tracking.mlsat02.de s1.adform.net www.abbynews.com
8	s0.2mdn.net	dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com s0.2mdn.net
8	www.google-analytics.com	www.abbynews.com www.googletagmanager.com
7	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.google.com www.abbynews.com
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	srcdoc
7	www.google.com	securepubads.g.doubleclick.net www.abbynews.com tpc.googlesyndication.com
6	tqe36.flx10.com	srcdoc
6	choices.trustarc.com	choices.truste.com dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com choices.trustarc.com
6	dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.googletagmanager.com	www.abbynews.com
5	stats.g.doubleclick.net	www.abbynews.com
4	www.google.de	www.abbynews.com
4	track.adform.net	ad8.ad-srv.net s1.adform.net
4	us-u.openx.net	1 redirects dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com us-u.openx.net
4	ad8.ad-srv.net	1 redirects dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com ad8.ad-srv.net
4	files.dosomegood.ca	1 redirects www.abbynews.com files.dosomegood.ca
4	vortex.accuweather.com	oap.accuweather.com vortex.accuweather.com www.abbynews.com
3	sb.freeskreen.com	static.freeskreen.com www.abbynews.com
3	api.dosomegood.ca	www.abbynews.com files.dosomegood.ca
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	rechtstexte.s3.amazonaws.com	ad8.ad-srv.net
2	cm.g.doubleclick.net	1 redirects us-u.openx.net
2	c1.adform.net	2 redirects
2	eu-u.openx.net	us-u.openx.net
2	tracking.mlsat02.de	1 redirects ad8.ad-srv.net
2	www.awin1.com	1 redirects ad8.ad-srv.net
2	scm.publishers.tremorhub.com	1 redirects www.abbynews.com
2	sync.smartadserver.com	2 redirects
2	eus.rubiconproject.com	sb.freeskreen.com eus.rubiconproject.com
2	aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ping.chartbeat.net	www.abbynews.com
2	www.accuweather.com	1 redirects www.abbynews.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	platform.twitter.com	www.abbynews.com platform.twitter.com
1	ml314.com	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	aa.agkn.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	js-agent.newrelic.com	www.abbynews.com
1	aaa.artefact.com	ad8.ad-srv.net
1	match.adsrvr.org	us-u.openx.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ebs08.telekom.de	1 redirects
1	creative.mlsat02.de	1 redirects
1	ad.ad-srv.net	dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
1	choices.truste.com	dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
1	ie1-bid.adsrvr.org	dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	loadeu.exelator.com	www.abbynews.com
1	cs.admanmedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	static.freeskreen.com	securepubads.g.doubleclick.net
1	syndication.twitter.com	platform.twitter.com
1	static.chartbeat.com	www.abbynews.com
1	content.jwplatform.com	www.abbynews.com
1	image.issuu.com	www.abbynews.com
1	www.westcoasttraveller.com	www.abbynews.com
1	www.canadianevergreen.com	www.abbynews.com
1	oap.accuweather.com	www.abbynews.com
1	includemodal.global.ssl.fastly.net	www.abbynews.com
1	ad.crwdcntrl.net	www.abbynews.com
1	tags.crwdcntrl.net	www.abbynews.com
1	ajax.googleapis.com	www.abbynews.com
1	abbynews.com	1 redirects
0	thrtle.com Failed	bcp.crwdcntrl.net
0	bam-cell.nr-data.net Failed	js-agent.newrelic.com
0	query.yahooapis.com Failed	www.abbynews.com
0	googleads.g.doubleclick.net Failed	aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
300	79

This site contains links to these domains. Also see Links.

Domain
www.todayinbc.com
www.canadianevergreen.com
bclocalnews.com
www.bclocalnews.com
www.westcoasttraveller.com
homes.abbynews.com
autos.abbynews.com
www.bcclassifieds.com
www.localwork.ca
winetrails.ca
www.facebook.com
blackpress.tv
blackpress.ca
twitter.com
www.instagram.com
www.accuweather.com
impresstv.blackpress.ca
mailchi.mp
dosomegood.ca
www.blackpress.ca
www.msaford.com

Subject Issuer	Validity	Valid
www.theprogress.com Amazon	`2021-10-29` - `2022-11-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-09-16`	a year	crt.sh
www.canadianevergreen.com R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
www.westcoasttraveller.com R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
files.dosomegood.ca Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.dosomegood.ca Sectigo RSA Domain Validation Secure Server CA	`2021-01-07` - `2022-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.analyticssystems.net R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.freeskreen.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA	`2019-09-06` - `2021-12-04`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
aaa.artefact.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.flx10.com GoGetSSL RSA DV CA	`2021-05-14` - `2022-06-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh

This page contains 35 frames:

Primary Page: http://www.abbynews.com/
Frame ID: 0E15C46F83ADF322002A22445D44FB4F
Requests: 113 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 73B19857C06A7C51E47B0AF2755F5D66
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fwww.abbynews.com
Frame ID: F89A36CD1E0730EDB8B93FF3F756C647
Requests: 2 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: 521882E2FC8E72C5CA6C344FBAFB35F8
Requests: 15 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: BA599C0A5E1CEE9184A011138B8443F8
Requests: 9 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: 80BA5BDA69A47C4096D46A36307289E9
Requests: 8 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8171456EB14A52732B508DBFB8397FFE
Requests: 11 HTTP requests in this frame

Frame: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A09F4CB1162E7070F85DA6E474E1456C
Requests: 1 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F1427A6E2F18CF004DA052153C84965F
Requests: 10 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC7888ED990AD45D2065B7C77F02B7AB
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: 209BEB86A6C6D8CBE02E7329105284DC
Requests: 3 HTTP requests in this frame

Frame: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4656109BA9B664C6072D9218E5EE4450
Requests: 6 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F1B9BE3DBD85306FE03F09E621612F0
Requests: 10 HTTP requests in this frame

Frame: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B7868D2DCECC2D426BEA162754290AC
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: BE29F893F0559B195BC3066462EF22F4
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
Frame ID: 415D939E3E923341FE1DE3F26E26C441
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: DD0FCF9EFA21241F933B4C87A0F7ABB3
Requests: 1 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: 7F5ECB95A7F914851272950E40BD3625
Requests: 1 HTTP requests in this frame

Frame: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Frame ID: 1A59B24C554E79A03BD34B27DF8D05EC
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Frame ID: 17E080C90A4B204BDEC9DD3EDEAAFC14
Requests: 7 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2068258/9645718/9645718.js?ADFassetID=9645718&bv=514
Frame ID: 78F17D0101D91F264A378A8ED9569E3C
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/51615739/1634927656127/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x250/index.html
Frame ID: 38419EBF831C8AEDBB8B1F85AF8AC51F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/22571539/1575413112989/PedalToTheMetal_2712-002_BPM_970x90/index.html
Frame ID: A42A409D091AA4578DBB589852AFF04B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/51615739/1634927656085/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x30/index.html
Frame ID: 064750EBF9D78584D216E8CE72B58D76
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/4836856213/1622569080395/241-000572-001_Natalie_Whitmey_Orders_Rev1_970x90/index.html
Frame ID: C14E2563EEA26F095AC62E7C624D11FE
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 50B5F8E000BED8BB46928305B4F6B65D
Requests: 2 HTTP requests in this frame

Frame: https://tqe36.flx10.com/a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d?subset=Water%20dmg%2CSin%E2%80%8Bwphl%2EBCos
Frame ID: DA3D31EBA6C20B65BFE93A21421AC666
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans:700&text=Dreaming%20ofVct%3FIdulYWsAb%2CBC%26kTvS
Frame ID: D2B69552A9F9A7BF3687A606807ABF89
Requests: 8 HTTP requests in this frame

Frame: https://tqe36.flx10.com/a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d?subset=Water%20dmg%2CSin%E2%80%8Bwphl%2EBCos
Frame ID: 3041F4CFEF7DA79FDD263530771AB402
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Oswald:regular&text=It%27s%20PedalMYOURDVENSCWTHKLG%26
Frame ID: D27DDA84F7B2268AFD7E4EBEA7C30D6F
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 13D8FA353EFFE3B3675AD0DAEC9659A8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDBC2F6F93456E442996B20BDC99AA9C
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 3DC594A553E3CD1CBE50D6AE570FDE9A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F9553340A45888B18871D5BB7C18DB9F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1FCECC974F7F874C88D78DE1E9B220C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Abbotsford News – Abbotsford News

Page URL History Show full URLs

http://abbynews.com/ HTTP 301
http://www.abbynews.com/ Page URL

Page Statistics

300
Requests

85 %
HTTPS

28 %
IPv6

53
Domains

79
Subdomains

67
IPs

8
Countries

5555 kB
Transfer

12333 kB
Size

39
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://www.todayinbc.com/
Title: Today in B.C.

Search URL Search Domain Scan URL

URL: http://www.canadianevergreen.com/
Title: Cannabis

Search URL Search Domain Scan URL

URL: https://bclocalnews.com/
Title: BC

Search URL Search Domain Scan URL

URL: https://www.bclocalnews.com/sports/
Title: BC

Search URL Search Domain Scan URL

URL: http://www.westcoasttraveller.com/
Title: Travel

Search URL Search Domain Scan URL

URL: http://homes.abbynews.com/
Title: Today’s Home

Search URL Search Domain Scan URL

URL: http://autos.abbynews.com/
Title: Autos

Search URL Search Domain Scan URL

URL: http://www.bcclassifieds.com/?sfid=1002
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://www.localwork.ca/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://bclocalnews.com/business
Title: BC

Search URL Search Domain Scan URL

URL: https://bclocalnews.com/entertainment
Title: BC

Search URL Search Domain Scan URL

URL: https://winetrails.ca/
Title: Wine Trails

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iLoveBritishColumbia
Title: I Love British Columbia

Search URL Search Domain Scan URL

URL: https://bclocalnews.com/opinion
Title: BC Opinion

Search URL Search Domain Scan URL

URL: https://blackpress.tv/
Title: Black Press TV

Search URL Search Domain Scan URL

URL: https://blackpress.ca/
Title: Black Press

Search URL Search Domain Scan URL

URL: https://www.facebook.com/myabbynews

Search URL Search Domain Scan URL

URL: https://twitter.com/AbbyNews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/abbynews/

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/ca/abbotsford/v2s/weather-forecast/52892

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=www-abbynews-com&utm_medium=oap_weather_widget&utm_term=link_get_widget&utm_content=accuweather&utm_campaign=current
Title: Get this widget

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=www-abbynews-com&utm_medium=oap_weather_widget&utm_term=link_get_widget_footer&utm_content=accuweather&utm_campaign=current
Title: Get widget

Search URL Search Domain Scan URL

URL: http://bclocalnews.com/
Title: BC

Search URL Search Domain Scan URL

URL: http://blackpress.tv/
Title: Black Press TV

Search URL Search Domain Scan URL

URL: http://impresstv.blackpress.ca/

Search URL Search Domain Scan URL

URL: https://www.canadianevergreen.com/news/bc-pot-sector-bracing-for-delivery-challenges-and-shortages-after-extreme-weather/

Search URL Search Domain Scan URL

URL: https://www.westcoasttraveller.com/vancouver-sets-the-season-a-sparkle/

Search URL Search Domain Scan URL

URL: https://mailchi.mp/dosomegood/shareyourstories
Title: HERE

Search URL Search Domain Scan URL

URL: http://dosomegood.ca/good-companies
Title: Good Companies

Search URL Search Domain Scan URL

URL: http://www.blackpress.ca/publications/
Title: BLACK PRESS MEDIA

Search URL Search Domain Scan URL

URL: http://www.msaford.com/
Title: Abbotsford Car Dealerships

Search URL Search Domain Scan URL

URL: http://www.blackpress.ca/
Title: Black Press Group Ltd.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://abbynews.com/ HTTP 301
http://www.abbynews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png HTTP 301
https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png

Request Chain 16

http://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png HTTP 301
https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png

Request Chain 27

http://files.dosomegood.ca/scripts/p/w/dsgw.js HTTP 301
https://files.dosomegood.ca/scripts/p/w/dsgw.js

Request Chain 51

http://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1637286327578 HTTP 301
https://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1637286327578

Request Chain 79

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 111

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 112

https://sync.smartadserver.com/getuid?url=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=http://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
http://sb.freeskreen.com/um?sa=436030397313083836

Request Chain 113

https://scm.publishers.tremorhub.com/pubsync?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

Request Chain 114

https://cs.admanmedia.com/sync/smaato?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
http://sb.freeskreen.com/um?ac={$UID}

Request Chain 158

http://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c

Request Chain 159

http://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c

Request Chain 160

http://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c

Request Chain 176

https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 179

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=46514000007026200003104011783008&gdpr=&gdpr_consent= HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1637286330_&cachebuster=1637286330&awv=11430_473322_1637286330_60f2ad70-48da-11ec-9d39-2236c0dc0c5d&gdpr=&gdpr_consent= HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTE2ODA3MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzcyODYzMzBfNjBmMmFkNzAtNDhkYS0xMWVjLTlkMzktMjIzNmMwZGMwYzVkOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 181

https://us-u.openx.net/w/1.0/pd?plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37 HTTP 302
https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37

Request Chain 186

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Request Chain 189

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66996197-01ba-4a00-a9bf-d199ca4c3733

Request Chain 190

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YlqCPGRa2Wl5WI07ZgqWPWQPgzl5Wd5oYlzi_a-v

Request Chain 191

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8273215590168972827

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP03MV0xzNXQf3rIPyJsHDk&google_cver=1

Request Chain 303

https://bcp.crwdcntrl.net/5/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

300 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.abbynews.com/
Redirect Chain

http://abbynews.com/
http://www.abbynews.com/

197 KB
41 KB

366ms
330ms

Document
text/html

52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://www.abbynews.com/

Protocol

HTTP/1.1

Server

52.222.214.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-75.fra56.r.cloudfront.net

Software

nginx / WP Engine

Resource Hash

2c9d5b2959e5a8775d1f4b4af8600829d1551f9bac5923e8df25e4c9c655c970

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Content-Length: 40767
Connection: keep-alive
Date: Fri, 19 Nov 2021 01:45:25 GMT
Server: nginx
X-FRAME-OPTIONS: SAMEORIGIN
Link: <https://www.abbynews.com/wp-json/>; rel="https://api.w.org/" <https://www.abbynews.com/wp-json/wp/v2/pages/154>; rel="alternate"; type="application/json" <https://www.abbynews.com/>; rel=shortlink
X-Powered-By: WP Engine
X-Cacheable: SHORT
X-Cache-Group: normal
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, no-transform
Content-Encoding: gzip
Vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Cookie
X-Cache: Miss from cloudfront
Via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
X-Amz-Cf-Id: G9I6IfeMKX-zdasUEDTsQLHbnvWfnNd_r4iRKHYuHz9WaGLOJ2JxgQ==

Redirect headers

Server: nginx
Date: Fri, 19 Nov 2021 01:45:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: http://www.abbynews.com/

GET
H2 200 style.min.css
www.abbynews.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 57ms
12ms Stylesheet
text/css 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 09:27:43 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: nginx
age: 58663
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 10523
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: CSqQ6Cd-J9eCvrBvUK7LT4iXRqGiQ57MvS0EH7xt05cFHEOU0UUsUw==

GET
H2 200 foundation.min.css
www.abbynews.com/wp-content/themes/BlackPress/dest/css/ 291 KB
46 KB 760ms
715ms Stylesheet
text/css 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=1844688843
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b9517520826c7286a1298e06934eafe8dc3cf7aaa60d0568f3a4f2d35aca1bf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:26 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46641
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: nwD8OmTUlmADrgpI1Xp8ynfGkKl9S600AH-0OHU-9KAJuMNBECbgvQ==

GET
H2 200 featherlight.css
www.abbynews.com/wp-content/themes/BlackPress/assets/components/featherlight/ 3 KB
2 KB 57ms
13ms Stylesheet
text/css 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/components/featherlight/featherlight.css?ver=1.6.1
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4eecd11b7c5edcb48e0f17a117e40361ce82605e0d6d1d2d3bd5636eaa0ce28f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 22:02:43 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
age: 877363
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 1294
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: AZbsJ09hzEUQ7Lt6cSDtMKoh6bXDVIAOqbT0xHbrnkUtCcs1WbgisQ==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
83 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 18:15:28 GMT
X-Content-Type-Options: nosniff
Age: 286198
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 83615
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Tue, 15 Nov 2022 18:15:28 GMT

GET
H/1.1 200
OK cc.js Show response
tags.crwdcntrl.net/c/14236/ 38 KB
12 KB 58ms
9ms Script
application/json 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.crwdcntrl.net/c/14236/cc.js?ns=_cc14236
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e2e1c013730664495de19081bd85256322fe6c6447a25b15f429ae02a3699e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 18 Nov 2021 18:32:29 GMT
Content-Encoding: gzip
Age: 25978
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Jun 2020 15:00:35 GMT
Server: AmazonS3
ETag: W/"d7ba88d354df7bc95689835f9417384e"
Vary: Accept-Encoding
Content-Type: application/json
Via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
Cache-Control: max-age: 86400
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: bCE1-zPT74eLI41hE4_q8YHrf1iRHXq0tgfYhrutLKK3ez-dI0YugA==

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=14235/pe=y/ 70 B
305 B 113ms
30ms Script
application/javascript 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=14235/pe=y/var=ccauds
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.203
content-type: application/javascript;charset=utf-8
content-length: 70
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 886ms
515ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N33Q889

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74907f2867792dac05812345f5e572c44e7b5f64c1239de7fd27813b636e37a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30664
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 467ms
95ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56M65DZ

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f365ad2fada85f47742dc4eb433b4157c8bfa66aa31d3e8eb805fd2890375cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29601
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 1402ms
1031ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17101303-1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6cabec833766936eafd3203772effdd969e5f6cad77eeba85b09b8eda13c6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36115
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H/1.1 200
OK sp.js Show response
includemodal.global.ssl.fastly.net/ 158 KB
55 KB 54ms
10ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://includemodal.global.ssl.fastly.net/sp.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fff7ee903871c35f188be4974cfccb25af2907814e3d056501b3bdede51c164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: aeECXl4cPP5kJtrbXUQ0DJXFe3OdT0Gz
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront), 1.1 varnish
ETag: W/"0031fbd1f9c99a9b549f142995f1b516"
Age: 1546
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 55519
X-Served-By: cache-hhn4061-HHN
Last-Modified: Thu, 18 Nov 2021 21:17:57 GMT
Server: AmazonS3
X-Timer: S1637286326.038345,VS0,VE0
Date: Fri, 19 Nov 2021 01:45:26 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
X-Amz-Cf-Id: utQcZP34Zk2flhghs_MOsDs4B3vJaGAzRgLY4FGKvN6pwxxoUVZRdA==
X-Cache-Hits: 10

GET
H2 200 launch.js Show response
oap.accuweather.com/ 17 KB
6 KB 86ms
7ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oap.accuweather.com/launch.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:26 GMT
content-encoding: gzip
etag: "8513a708788d21:0"
last-modified: Thu, 16 Feb 2017 19:04:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 6333

GET
H2 200 ImpressTV.png
www.abbynews.com/wp-content/themes/BlackPress/assets/images/ 1 KB
2 KB 330ms
328ms Image
image/png 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4d74d7a1dc5eae37e46236249dc28454c0fea535c807509461b7a65d5e142cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1250
x-amz-cf-id: 9DlWAhToT6OA3Kyj8zym_VWqvBJE41fuS57HsUh7tovTVVb3NXBCUg==

GET
H2 200 27227401_web1_20211117111120-61952c51a1739eb6a7512862jpeg-1024x726.jpg
www.canadianevergreen.com/wp-content/uploads/2021/11/ 120 KB
120 KB 570ms
173ms Image
image/jpeg 146.148.100.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canadianevergreen.com/wp-content/uploads/2021/11/27227401_web1_20211117111120-61952c51a1739eb6a7512862jpeg-1024x726.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.100.136 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.100.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1eb4cc742aefcfa05485e1b50ca6976bf41ee40577c87465dcb60851209d5a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
last-modified: Thu, 18 Nov 2021 06:48:48 GMT
server: nginx
etag: "6195f750-1e028"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 122920

GET
H2 200 27166232_web1_211112-WCT-VancouverAquariumChristmas_1-1024x683.jpg
www.westcoasttraveller.com/wp-content/uploads/2021/11/ 249 KB
250 KB 568ms
173ms Image
image/jpeg 146.148.100.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.westcoasttraveller.com/wp-content/uploads/2021/11/27166232_web1_211112-WCT-VancouverAquariumChristmas_1-1024x683.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.100.136 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.100.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 996baad2d88a76c43c894f4300be233089f434b102cb7f92274e486935c037f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
last-modified: Sat, 13 Nov 2021 00:44:50 GMT
server: nginx
etag: "618f0a82-3e51b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 255259

GET
H2 200 page_1_thumb_large.jpg
image.issuu.com/211118222641-a45b301d1241bce9a2eb379de7c7f011/jpg/ 30 KB
30 KB 37ms
9ms Image
image/jpeg 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.issuu.com/211118222641-a45b301d1241bce9a2eb379de7c7f011/jpg/page_1_thumb_large.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da83ded1dc3c3e84f1ad194a00fa277c7a27ec5737a96c5de8a656d55283dd3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 11857
x-cache: HIT, HIT
content-length: 30827
x-amz-id-2: NFP266ahgusj5EafVGDsh1fpkh7jHPu3Q9vTsnUeff74QINyjn003u9sL6OCEJxT3H5JMyN4KkE=
x-served-by: cache-bwi5128-BWI, cache-hhn4047-HHN
last-modified: Thu, 18 Nov 2021 22:27:03 GMT
server: AmazonS3
x-timer: S1637286328.515197,VS0,VE1
etag: "ec7559aacaa977aec31ad3af35e1b5ed"
x-amz-request-id: SMQ67H37PG09ZAEF
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2

200

submit.png
www.abbynews.com/wp-content/themes/BlackPress/assets/images/
Redirect Chain

http://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png
https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png

1 KB
2 KB

332ms
332ms

Image
image/png

52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5aeae9effa57334a2f01fe5bc138d28d2a378a9fa24b94bb37dcb5dc23135e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1164
x-amz-cf-id: lhFYDGXEAfIEUbAz25hmxncQ25D-UHHVisqIs2APRXo8dRkxfhirFw==

Redirect headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Via: 1.1 474733f16f494ddb794b4f7dfd7de967.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/submit.png
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: HqxU-SMkkxBxUStgY_PYgwgBTKcvErx_IZ_kcqkX6fWOKF1ucMywYA==

GET
H2

200

ImpressTV.png
www.abbynews.com/wp-content/themes/BlackPress/assets/images/
Redirect Chain

http://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png
https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png

1 KB
2 KB

327ms
327ms

Image
image/png

52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4d74d7a1dc5eae37e46236249dc28454c0fea535c807509461b7a65d5e142cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1250
x-amz-cf-id: WRArHD1jVtxB83DPLtUgxI2A4q1opeWVM3rFKbQUWLiT7gXF9QLuuw==

Redirect headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 8dQxK8vehNeOvYnPebfkDswJN6WSefHWHN6eNVKUfRM6MnyG9Khrkw==

GET
H2 200 BlackPressMedia.svg
www.abbynews.com/wp-content/themes/BlackPress/assets/images/ 6 KB
3 KB 320ms
319ms Image
image/svg+xml 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/images/BlackPressMedia.svg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 847828ce76d2de856454fd299bb28a970df5c2a07496aa8372d82482f47b46a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: dMRsFqP0k__W5qOi26QRZgi3LeksAZg_bWMxy4Zb5Pq5nxQR9l5y6g==
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)

GET
H/1.1 200
OK yrJQMy68.js Show response
content.jwplatform.com/libraries/ 127 KB
41 KB 150ms
131ms Script
text/javascript 2600:9000:223f:4800:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://content.jwplatform.com/libraries/yrJQMy68.js?ver=1.0.0
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 2600:9000:223f:4800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 7127dc4aa860fed296891b72a6f0af42d8a4f0b8e78f9adbd0bb53b1c6d1d28e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Content-Encoding: gzip
Server: openresty
X-Amz-Cf-Pop: FRA56-P5
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=150, max-stale=180
Connection: keep-alive
Content-Length: 41493
Via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
X-Amz-Cf-Id: d8wAVY3tadyNFKmc9Y9K1VXQpzvndxnFVVWLjvB555Muui7LWM_C4A==
Expires: Fri, 19 Nov 2021 01:47:57 GMT

GET
H2 200 featherlight.js Show response
www.abbynews.com/wp-content/themes/BlackPress/assets/components/featherlight/ 22 KB
8 KB 149ms
148ms Script
application/javascript 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/assets/components/featherlight/featherlight.js?ver=1.6.1
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b663419733f90e316eda931466ed2777ac88965474ff4cb1cb8ce4e78f4aa87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7625
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: oRZjLNQsgyYyVDLF6EaVHdg5mkzomj7fyr4JcQZ1x6H36NiQUBok_g==

GET
H2 200 foundation.min.js Show response
www.abbynews.com/wp-content/themes/BlackPress/dest/javascript/ 2 MB
460 KB 840ms
839ms Script
application/javascript 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/javascript/foundation.min.js?ver=492219731
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a30cf27bf4f5e5a36691545e2adf296b8c7c8c8fca7d0d34fec9773b4cb1ac31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:28 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 469356
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: 7zepPLxTCNR4PsUygwwD3tLnRhxpBVXMhD_JPaSpVwRgHRFcEPJ1VA==

GET
H2 200 what-input.min.js Show response
www.abbynews.com/wp-content/themes/BlackPress/dest/javascript/what-input/ 2 KB
2 KB 340ms
339ms Script
application/javascript 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/javascript/what-input/what-input.min.js?ver=4.0.3
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ecda9bc7461947ae9c9a0a52eb4d2839d543283c48993a52631dba9eb4141fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1071
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: L_jWeZX--r6BGxgUdfOwiP-gCfe-fMPblBB3zw6mzL5w-sv854pvgA==

GET
H2 200 wp-embed.min.js Show response
www.abbynews.com/wp-includes/js/ 1 KB
1 KB 320ms
318ms Script
application/javascript 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 765
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
x-amz-cf-id: lIuyKsa-Ybw-ggrr2XjydHRJC_6HZVRLrihv0q7UCW94K1oirT5AdA==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 400ms
46ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

HTTP/1.1

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1048 / 986 of 1000 / last-modified: 1637276723"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 26822
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H/1.1 200
OK chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 54ms
7ms Script
application/x-javascript 2600:9000:223c:a000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 2600:9000:223c:a000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 00:47:05 GMT
Content-Encoding: gzip
Age: 3502
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 28 Oct 2021 00:27:20 GMT
Server: nginx
ETag: W/"6179ee68-8e96"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 9015971351bc982a04ee209a022bb1f9.cloudfront.net (CloudFront)
Cache-Control: max-age=7200
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: LqgJW1Z-0JsHjFln4aYZcA3oG6mm7ienkR50HttJvNRssJvxIYAecw==
Expires: Fri, 19 Nov 2021 02:47:05 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 46ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/67C1)
Age: 81
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 jquery-1.9.1.min.js Show response
vortex.accuweather.com/adc2010/oap/javascript/ 90 KB
33 KB 22ms
8ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Requested by: Host: oap.accuweather.com
URL: https://oap.accuweather.com/launch.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:27 GMT
content-encoding: gzip
etag: "aad455d39b55ce1:0"
last-modified: Mon, 20 May 2013 20:51:39 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 33817

GET
H2

200

dsgw.js Show response
files.dosomegood.ca/scripts/p/w/
Redirect Chain

http://files.dosomegood.ca/scripts/p/w/dsgw.js
https://files.dosomegood.ca/scripts/p/w/dsgw.js

159 KB
160 KB

27ms
8ms

Script
application/javascript

2600:9000:2240:6200:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Server: 2600:9000:2240:6200:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ab6cdd5c7095349f243cd1f3ed712b73ce99f7fbc3fbbe315f91ca21a8533f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 04:53:32 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 79185
etag: "c608a467d363084cc8bb86b4cfdc1f6d"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 163078
x-amz-cf-id: oyBnvWUtvIRRqWxcI-hnKZPkJifQJUFnlnd0elDy2dSX_jKsgf-z0A==

Redirect headers

Date: Fri, 19 Nov 2021 01:45:27 GMT
Via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: KTMW2Xxd0bhwTqXvUDKdR4w3RaXtJ4EOEwt709jfx4FkRoXgVirWYw==

GET
H2 200 media.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 319 KB
319 KB 8ms
8ms Script
application/javascript 2600:9000:2240:6200:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/media.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: http://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6200:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9230cfbbe8657ebc18bc1a1c4c1d9498a97757178487b910da35e0784b8b3110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:38:16 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 86119
etag: "c7bb0b5eddf93e491ab3df0aed39dbf0"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 326339
x-amz-cf-id: vF6d2U3oKQqzh9THRCa6JEBhKM_OG8Tn5VDBXu1Lp-jaVKY_yw9Htg==

GET
H2 200 platform.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 365 KB
366 KB 38ms
38ms Script
application/javascript 2600:9000:2240:6200:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/platform.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: http://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6200:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70642c0422d4b5bfd419d065514d61cf9a3704002eccd116b362fd1699e3711d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 06:59:23 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 67564
etag: "db9173fd1f7f0a54bfeff6a8051b90a9"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 373768
x-amz-cf-id: gbu-EVo1I6QNYQwgxV-MVV3dTo1fTBer8DgWpjEbrVvOIh5tlv0FVg==

GET
H2 200 I816rv5KP1cE1Ga Show response
api.dosomegood.ca/posts/cities/media/ 56 B
456 B 772ms
192ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/posts/cities/media/I816rv5KP1cE1Ga?context=widget&limit=3&includeEndorsed=false&cityIds=

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

b4e9d09f0ea6addb791df35f2735dbea6a1b512f6d06ff3feffb2cbe64ffb757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 2ms
date: Fri, 19 Nov 2021 01:45:28 GMT
content-encoding: br
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID,X-Backoff
expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H2 200 / Show response
api.dosomegood.ca/community-partners/ 2 B
386 B 767ms
208ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/community-partners/?cityIds=&context=widget

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 17ms
date: Fri, 19 Nov 2021 01:45:28 GMT
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID,X-Backoff
content-length: 2
expires: Fri, 19 Nov 2021 01:45:27 GMT

GET
H2 200 pubads_impl_2021111501.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
117 KB 145ms
51ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118768
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Nov 2021 01:45:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
722 B 142ms
47ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.abbynews.com

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5ca472b21f7866fbc2ac81e93d24a1064405e015259224537236a99d9539af43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Fri, 19 Nov 2021 01:45:28 GMT

GET
H2 200 fv-play-btn.png
www.abbynews.com/wp-content/themes/BlackPress/dest/images/ 2 KB
3 KB 331ms
331ms Image
image/png 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/images/fv-play-btn.png
Requested by: Host: www.abbynews.com
URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=1844688843
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 07989fce6a6a8a3e2d6a809effa05f2530edc3b4bd2ce0d4075d9754dc4b0e9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.abbynews.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=1844688843
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2505
x-amz-cf-id: exMnemvyRAfDhDSTxOcbEp2gNc1N5kMNNOTrNgkWhXCTAwbk5dAVMA==

GET
H2 200 fontawesome-webfont.woff2
www.abbynews.com/wp-content/themes/BlackPress/dest/fonts/ 65 KB
66 KB 23ms
9ms Font
font/woff2 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.abbynews.com
URL: https://www.abbynews.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=1844688843
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.abbynews.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=1844688843
Origin: http://www.abbynews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:20:47 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Fri, 29 Oct 2021 23:27:24 GMT
server: nginx
age: 879881
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 66624
x-amz-cf-id: RblmLMpXJxOIP2FFW176bREalj4vJgxzHoO5Y32xHE967PmxPmBDvQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 486ms
45ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.abbynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 1207ms
94ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.abbynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 603ms
601ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328957&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=201&adks=635914923&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

512e85e4418b5738960fee9161282405c08040d8ca8b055fced68ca1a053b455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9637
x-xss-protection: 0
google-lineitem-id: 5818359317
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368551062
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 1126ms
1124ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328962&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=716&adks=3984404392&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=970x15&msz=970x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

75a9f8df29f845fac007bb1d5b15e187c6285642cbd29c02cfbac894934f9f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9618
x-xss-protection: 0
google-lineitem-id: 5818359317
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368551068
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 972ms
969ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328964&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=2291&adks=3422903207&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=1&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

da2f38e14f96723181891367589cadbbfda2f85af0b060d66176ecc7564ad260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 239389
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 397565
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 785ms
782ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit5&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328966&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=3207&adks=254253508&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=2&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aba9b6d58d70b2d15aaf2bf91c83f1a7031aeecbef7eab992821660b6d3e5896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9588
x-xss-protection: 0
google-lineitem-id: 5360886369
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351361607
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 431ms
428ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit7&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328968&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=4218&adks=2240521934&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=3&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a702024c3f0675fcff2cf8b1acbf114ded5429314644fb886fd4dd23e215666c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11675
x-xss-protection: 0
google-lineitem-id: 5832415859
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371983296
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 259ms
257ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328970&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=4737&adks=1371688121&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=4&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7db82ef7cdc624a599e540172d2d2ba7fc35cff38bb34f4b17dd4c57b5532da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8562
x-xss-protection: 0
google-lineitem-id: 5789457823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364616919
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 1115ms
1114ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit11&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328971&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5543&adks=2333070162&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x15&msz=994x15&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=5&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f29d759798be5fc44d2e05692d5b07dacf0c401deec2c8a9f360930a7280ddd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
google-lineitem-id: 5239212886
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296556338
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 1298ms
1297ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit13&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328973&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=6175&adks=2088326607&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=6&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b60dd696e8d918005d937cb9939e3c4aad22f657cd892862c30bc0c4556b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11787
x-xss-protection: 0
google-lineitem-id: 5610826491
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370654513
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 432ms
431ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cvendor_library_0&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328974&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=8059&adks=3346448585&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x8060&msz=1x-1&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=7&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cbb19ddbb5f481ffb3ee1ef4040086c5e035d3e0e0c64d9c8b83eceacd494b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0
google-lineitem-id: 4417344124
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138210660707
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
440 B 782ms
781ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cadunit22&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328976&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1041647911&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=128&ohw=0&btvi=-1&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f612b02cab3a4e44ec79f9db952aced3935f378b533ce512698228bec6ee6414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
414 B 1294ms
1294ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3852483330887554&correlator=1490008276462116&output=ldjh&impl=fif&eid=31063712%2C44752541%2C31063182&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=1036919%2Cobit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dabbynews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=23&abxe=1&lmt=1637286328&dt=1637286328977&dlt=1637286325886&idt=2331&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5043&adks=3510672909&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=479025384.1637286329&ga_sid=1637286329&ga_hid=1089468255&ga_fc=false&fws=0&ohw=0&btvi=8&nvt=1

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

71908bbd021be57f07ad6d59f0274577a2bde6c97d4947d4edfee085a2b5cd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 73B1 6 KB
3 KB 1260ms
57ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widgets-20170109.css
vortex.accuweather.com/adc2010/oap/stylesheets/ 112 KB
14 KB 8ms
7ms Stylesheet
text/css 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
etag: "43ca979bc36ad21:0"
last-modified: Mon, 09 Jan 2017 21:59:10 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 13968

GET
H2

200

current Show response
www.accuweather.com/ajax-service/oap/
Redirect Chain

http://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather%...
https://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather...

3 KB
3 KB

201ms
201ms

Script
text/javascript

104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1637286327578

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Server

104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-80.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5d18201d90e5d9aa77119e14de2630961ce2ab878477815f90538fd3fc4addd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=171
servername: gweb-v01
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 1016

Redirect headers

Location: https://www.accuweather.com/ajax-service/oap/current?callback=jQuery19107110681220519872_1637286327577&uid=awcc1517344819771&locationkey=52892&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1637286327578
Date: Fri, 19 Nov 2021 01:45:29 GMT
Connection: keep-alive
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT, edge; dur=1
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame F89A 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fwww.abbynews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 94644
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Nov 2021 01:45:29 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 27238704_web1_211118-ABB-Emergency-notice_1-640x400.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 53 KB
54 KB 361ms
360ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27238704_web1_211118-ABB-Emergency-notice_1-640x400.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b62c7df0058672cf2914d0c98112246dde9fb28be030ece60029c5a812737879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 01:40:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 54615
x-amz-cf-id: bYqMm-FV1XpBEzRM7XycZYcg6AVWLFIFcCb6YB5z8Oy6C2qTNHpyXw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27219524_web1_CP141452622-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 14 KB
15 KB 358ms
357ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27219524_web1_CP141452622-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6add0458630d0a43fa3b3cf9bc1a96f2d34427ed8b18be145d0904dd87f2c129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 20:57:56 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 14739
x-amz-cf-id: JoaNnXocomnny-LhPaPZDhZ7t-26-lp4RlrZlk4NuM38UnQx586taw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27237992_web1_hwy99-landslide-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 19 KB
20 KB 361ms
359ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27237992_web1_hwy99-landslide-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7fd4991e3556bf1369e5efd59761acdd9abedab022cd2599a0cff46b2e03ee8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 01:08:42 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 19683
x-amz-cf-id: RNWuer6HkAe1r1UFfUWt55mSlhIUQJ0X3py_zJaih66aBN_sFwf9SA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27234723_web1_CP141452622-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 14 KB
15 KB 358ms
354ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27234723_web1_CP141452622-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6add0458630d0a43fa3b3cf9bc1a96f2d34427ed8b18be145d0904dd87f2c129

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 23:54:36 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 14739
x-amz-cf-id: KRuhZurtB1qaAr3sB3QxJxTfzk1Cf8SLkKUvHLALEVL_ozbhfJ6FTQ==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27235937_web1_211102-MRN-CF-vaccine-clinic-COVID_1-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 13 KB
14 KB 141ms
138ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27235937_web1_211102-MRN-CF-vaccine-clinic-COVID_1-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8a8bcd311e85e8e980194f91bcfadff7088d6447ec4f19539a49dd231b9b1a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 23:34:15 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 13554
x-amz-cf-id: DKID7YtqPR3CVTsyuMSQQt1YHxcbIK9aLF6R2zqz77F_0MHRH--fLw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27234872_web1_CP141665650-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 17 KB
18 KB 145ms
142ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27234872_web1_CP141665650-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ea701a563f82c40bbdb90e4450c82dabd3089cb2e280ac1a8881046ce4fd36c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 23:31:16 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 17545
x-amz-cf-id: AoP6h6k3BbaFhjFtpMt-rk_lbpr4unPxscKH9eWiy3Awc2bMvkz3xg==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27234807_web1_coquihalla-collapse-1-300x200.jpeg
www.abbynews.com/wp-content/uploads/2021/11/ 18 KB
19 KB 140ms
136ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27234807_web1_coquihalla-collapse-1-300x200.jpeg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: eb78c09d20d10c382e33b618653153c20db0242f925f64497e7d490cde05b7f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 23:11:54 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 18194
x-amz-cf-id: YnQp4Yk3x4Uj2gRiS8DydY_C1HORkSlTIljQ_xaQ1pnJ_eYyKJ-ZiA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27234580_web1_2021111812110-e7a23c13815ad4b24a1ddb7ddb32e571c9642a65eab154cb17616df7ba5e11cc-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 9 KB
10 KB 355ms
352ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27234580_web1_2021111812110-e7a23c13815ad4b24a1ddb7ddb32e571c9642a65eab154cb17616df7ba5e11cc-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f9faff1edb5b3b7a84a8be733d977d5cf3470bc964e6351b8cdcb34b8d4add37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 22:31:20 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 8999
x-amz-cf-id: pkuQfT15tA8n9_sknC-cjXcL8hjnAAamNiU4SHPnkkaV57dEo5hYxA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27212386_web1_211116-BPD-NSR-sumas-prairie_1-300x199.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 13 KB
14 KB 143ms
140ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27212386_web1_211116-BPD-NSR-sumas-prairie_1-300x199.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 393eb38f12a9ed5a3d6f17742d4feabd71a799c284c132372c9379c14d7cd183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 15:47:08 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 13499
x-amz-cf-id: N3-jPHI7iF3qciasTMqRXMMsVA9DeLJ09wSfoGnhQEk2BfzrXl0LJg==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27194900_web1_21116-CPW-Helicopter-rescue-stranded-motorists-chopper_1-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 20 KB
21 KB 481ms
478ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27194900_web1_21116-CPW-Helicopter-rescue-stranded-motorists-chopper_1-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 10d3caf1dad9a34df417d3de2ad9bc5010a9335507c8a419123f9c83ebeff7f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Tue, 16 Nov 2021 15:49:52 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 20483
x-amz-cf-id: 9n7zA8Rq8HZBdbsTfGht6R3nOO-L9bpkNYk0Bbw6uzOGilwyzR7pyw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27178674_web1_211118-PSS-floodpush_1-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 19 KB
20 KB 150ms
147ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27178674_web1_211118-PSS-floodpush_1-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 63d51359b36029090121b5e5c40e9f64a8ca82e6be2e4b64289256b81edb7c7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 19:50:00 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 19323
x-amz-cf-id: XLhmbHLlIV2IrsCgVexfMmq9XI4zWdCIMi8FBMSbWiqwobt9qSAkdQ==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27164031_web1_20211112121144-618ea8ad545c08591128c874jpeg-300x200.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 13 KB
14 KB 357ms
354ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27164031_web1_20211112121144-618ea8ad545c08591128c874jpeg-300x200.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4c416724ef1efdb2a2fd4b5c022b9e0dd5087505734c91cc7b0783eef30898f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 20:28:52 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 13791
x-amz-cf-id: -a13KAsWMrAoU_ylYKvMP82tZF7KQBkSS52iFaKrGaZxQXo4e_ZAgw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27237118_web1_211118-QCO-NorthernHealthOrders-Map_1-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 76 KB
77 KB 417ms
415ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27237118_web1_211118-QCO-NorthernHealthOrders-Map_1-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: dd44d96fd59e0bcf8cbc93cd2b9df29a408d2715ac7c341b97ae6751db91c4c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 00:15:55 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 77951
x-amz-cf-id: x_FmaUBTHuR_uBmJL-5x9M4VdD3vA_xgH_bI98_-kWa2FwX9MMxDPA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27231014_web1_211118-MRN-PK-Pilot.Evacs-PILOT-Evac_2-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 64 KB
65 KB 362ms
359ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27231014_web1_211118-MRN-PK-Pilot.Evacs-PILOT-Evac_2-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e146901d96cca92734ff7bc8f61228fde04d138049edbc7e2d839c4145e9f08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 00:00:46 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 65489
x-amz-cf-id: 1wFecYsYfc8kjF3o6PNiXqjqGIjdjX-n246u6JG2OJg7ZlGD7fj0Ow==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27228421_web1_BCHL1-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 40 KB
41 KB 172ms
170ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27228421_web1_BCHL1-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: bf798a212188f2eddc65b84febe82d5110b4c92e33dc971b0b54012754db8d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 17:02:25 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 41241
x-amz-cf-id: le6E3upTWnu0yXLs44KmA6u0k44tUeN2LMKQl4QxBXKNrzd48UQfbQ==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27227200_web1_211117-CPW-Canucks-Avs-green_1-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 80 KB
81 KB 390ms
388ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27227200_web1_211117-CPW-Canucks-Avs-green_1-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 52aab9dcbbca180d97592aff586e675c97e44f2f2542284d532cb1cfecaa1377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 05:18:59 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 81795
x-amz-cf-id: CJCM7zqFSFMNsyfJ1GzOCQwbU0_y9V9TQ0Yrr3Jvy49WJvRUcMKWDA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27233331_web1_211124-NBU-miss-canada-role-model-3_1-640x640.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 171 KB
172 KB 388ms
386ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27233331_web1_211124-NBU-miss-canada-role-model-3_1-640x640.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: da1b8452c623474960c1502afc0f0db5db0a948964de781460463e4cf47bfa90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 21:23:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 175360
x-amz-cf-id: GAsArxVwXy0FV87Q1aGIN7NgDR5ttDJ6iwC_Ytss15JuklukmQiXHA==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27235935_web1_211118-ABB-More-GoFundMe_1-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 39 KB
40 KB 148ms
146ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27235935_web1_211118-ABB-More-GoFundMe_1-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 31e5d47b21272f0b35b881201a91486ad2ebdbea27bb88c294e910d00de6a18b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 23:51:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 40341
x-amz-cf-id: v7gFf14N1JewEI4-kZDXStEMSUTXCNX-1VnF7DRBWO-wvUmoojzq6w==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H2 200 27234382_web1_211126-AHO-Agassiz-VIdeo-traff_1-640x427.jpg
www.abbynews.com/wp-content/uploads/2021/11/ 46 KB
47 KB 149ms
148ms Image
image/jpeg 52.222.214.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.abbynews.com/wp-content/uploads/2021/11/27234382_web1_211126-AHO-Agassiz-VIdeo-traff_1-640x427.jpg
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-75.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a219c50527d3e9887496b6f8d124877885a1ff1671276e4967f14d7dc8a1a9e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 19 Nov 2021 01:45:29 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8d.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 22:57:40 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 46874
x-amz-cf-id: eQrckPdkXEHU2BmxqGgFN1NX1q42Z7Ylzu_6otb3sWv9GAFMIz0qNw==
expires: Sun, 19 Dec 2021 01:45:29 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 197ms
96ms Image
image/gif 52.6.232.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=abbynews.com&p=%2F&u=CTvajlCRWB1JDVVl2-&d=abbynews.com&g=65935&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7765&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3763&t=szIhkCvRKbxBp5InwD2w2E3DhL8cM&V=129&i=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&tz=0&sn=1&sv=mj1WhCF3gKHCjZJaqZ2vU4D4TLQj&sd=1&im=047b0ffe&_
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 52.6.232.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-232-190.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:29 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F89A 232 B
447 B 144ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e4fdb9d9df253a3bc916085253ba8f86fa63e295

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Fwww.abbynews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 19 Nov 2021 01:45:28 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 01:45:29 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 62a49170d3f7a71e5cc530c0e0af8b9283bbdfebdb0d8ca7afa411716b3d9082
content-length: 166

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 5218 90 KB
23 KB 78ms
33ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1514
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: vQHf34kw1wRv64xdF7XiKgkIgqxfbRmtd9sOFjvME6Wyj0YRzlP7Jw==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5218 77 KB
26 KB 81ms
80ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3bf8f52f9448cc816908d39b935d5b5414ce0daf3235c0a85d84ea750ad6c87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1048 / 274 of 1000 / last-modified: 1637276782"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26823
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5218 119 KB
37 KB 470ms
71ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H2 200 12-xl.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 58 KB
58 KB 21ms
21ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/12-xl.png
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a55e34bd141cc265771885303756fc66b053a5ade45ad102dadcd3fd45ce6fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
last-modified: Fri, 22 Jan 2010 17:08:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "07b2185859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v03
accept-ranges: bytes
content-length: 59185

GET
H2 200 12-t.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 5 KB
6 KB 35ms
35ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/12-t.png
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 850308b864399fef2dc45a80743a557e3b9b4f2476062da0a62f0b6df05c89eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
last-modified: Fri, 22 Jan 2010 17:08:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "07b2185859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v02
accept-ranges: bytes
content-length: 5479

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

459ms
108ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2662
date: Fri, 19 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 03:01:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 5218 9 B
589 B 268ms
223ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=529064
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuQ4ODgSKmQYcvFqh22Ij6pKLpoZSGdHZjhBkuorM9ndcg2qSDxw7pyVjlKyFHrf4GZRZTGJnaJOJI1noT8xBf20usm4txUB8H9o%2FZx%2Fywt0Ne8TJCuBvsvjOlFw%2FqJTxvI%2BUsxEWV7ACtQ50uSIhf5Yqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c266ed4c4ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5218 0
0 99ms
99ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_IkU2g0lfJHGVI_0GdtJItA_27kdWPMg9IlKjs1x4qUqrpmJXmYH2IhG9GFgJ8Yckpefu6gEd4I0Q-oNDLI3R6qwun4NlFKpxM_N-OYM6aGYxBjf8fRoAsOThiAAyV8mnAcdFiGaj0DOG0-H04QStKaODXrTpZlwvaCPwV1l-R__KpESdayR06ikh3M9sVjqdf1PvI45mSRxzl6TkOqwHklNPwX9o0YnO82zKFqMStW90LsNEs0_zvB0zv4O_8E0ypiOofWzsU8v_6BK5zft5C3ZNDedlS4Kk4sWdxYbuiRTerQ&sai=AMfl-YRqBK89mbODC96MxP7kl_0_FVI65wRBNpnAQJrfP5QPoTCxOGs1Y2NAFOEXx-9PH956MDDNiJrk9CezlKcu1GKeKiGcNPwelnQWpZ9Z2VQuahnHCZ3Ms-IHJSeZBJg&sig=Cg0ArKJSzIRL69FY3_QgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
BLOB 200
OK 93ad88cd-e309-4f62-9d6c-5ce4da356685
http://www.abbynews.com/ Frame 5218 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.abbynews.com/93ad88cd-e309-4f62-9d6c-5ce4da356685
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 pubads_impl_2021111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5218 345 KB
116 KB 75ms
75ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118768
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 09:34:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame BA59 90 KB
23 KB 35ms
34ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1514
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: QFZNrGueb2NML7K9jgpkQWe18wV8LVkOPrexhlNZwgfEIdGftkBWiA==

GET
H2 200 4776003560550192244
tpc.googlesyndication.com/simgad/ Frame BA59 25 KB
25 KB 444ms
54ms Image
image/gif 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4776003560550192244

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

345ca3259b1829c754a5a144e3e96c92419a5d31b6baa132994bb1135c6bbb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 17:18:48 GMT
x-content-type-options: nosniff
age: 30401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25620
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 17:11:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Nov 2022 17:18:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BA59 2 KB
2 KB 443ms
53ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:03:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA59 119 KB
36 KB 378ms
159ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 80BA 90 KB
23 KB 34ms
34ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1514
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: r1FmQeBNAKK3k3xSBi1JNcr43NCqycjvqeUAm-mmy-SI7U_k6l4rKg==

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/110/ Frame 80BA 23 KB
9 KB 76ms
13ms Script
text/javascript 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/110/freeskreen.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4e4b5f8411a34d61a21827a8d3c221821e3a938f87e6c49af63b5fef34976c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .M5FsrHFr0aUvyoCgZifFHOBs6Jq7KEY
Content-Encoding: gzip
Last-Modified: Fri, 01 May 2020 19:16:19 GMT
Server: AmazonS3
Age: 78816
ETag: "1d9a288d146d1493fbac48833833a135"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 18 Nov 2021 06:31:32 GMT
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Content-Length: 8724
X-Amz-Cf-Id: Zr5Mci3Z7bdTo9E_H24gqvawHB_NIzjUKcXc0t4JCc05R1O614Nwrg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80BA 119 KB
36 KB 276ms
129ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H2 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame BA59 9 B
302 B 220ms
219ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=346034
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8vT8UD48wiED1ay7d3S8DWZIpnX2A%2B1Y6M1XjY%2BwyKm2mxXqRoXJ%2FI9YoChTuQ06izyfx%2Bdmv%2FmOlhn2I%2BQ8Z60QqOc%2Bq23IPjiaiM3yLf8xVuhuCcdfdtRyw3FlwGlgzM6Q1R6IwsIkkwLuTseuBDb%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c2680e294ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA59 0
0 75ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5xfi2sAbszfBCjL5aX5P1b3gYGoPmKwiqDBfTHbkEyQ1TTflVRw2iQcX-EqZxSILEx72WCUORK9I1t8XWsrhcUXr4s4R0e7NmfWManX9CrpHmUWugRZ5pO5NzL8rb_Y7jlZ_KeRDfHy-pZDwWdDu-LyHWxZeUx3QjzVlWdaIRHbnq35Nh2Q9hHqEnMHr3D3iU0GqkQlsWM3TcLrnsZGT_3uc9yZqu7dc5u_yKxRdSB0OxGBstQXt-Ks7EqWodg75UvqbuHZ5ZNKOgJ3-5Y4EXI1Df9oXRBKlcYvmVcTBil3m6eTAB6A&sai=AMfl-YSGIEzGER9pGdrFTM9ypl2VL17tpvXlzvrE9DNDek3LwPZeXEVnejvGxsYf_NTrvlHUVeuycQQPQM8OB0C_CB3ZjqkNYFOe6EB48qR0UGV1yx-UxxbV31SmDAlNjN8&sig=Cg0ArKJSzH3t0ZHwXv8nEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 80BA 9 B
299 B 238ms
237ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=383075
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H565Td2xD65HK4Vq9LoINajBrh2fh9V%2BMJQmmOp9c5qzEK1vg9n5YkQr1Z8Qiz6U7J5IJlWv5ZSP6324gL03n%2BeJYO2wQODiShZn1k%2BQD189RLIcubF1tqF%2BRHLPMBmvVkOQSJDgW%2B29J0YGCHGLq5uRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c2682e3d4ec8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80BA 0
0 74ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB8NdyYpmisQ5s6Iw6y0hvMNO25OAksHN8JZmMNzlzi1UkssJgj59UpQljgFm5wPkWBo2gJxL0h3B7kXrIAEKIFaaUoTOm76xkKMNyZ5A-chxIuxP_1yYWbKylfWKb1He0klFBT9aqFUzcx1V5lRl0Y9J7mKUs5YfdnHuR6kVeGbWalqLGrVbGh_tE5La3wzwfFBdIwgX43t2Jn6GWs049jg9PU_so6gL_DMp_zFUXYLivue_cdLlHvErvxMlV9qco9g4-ceqV5e-nbN1dbTHLIciiMlijMMhxWCvvHab82aDlFyGP3ndN9yAXkg&sai=AMfl-YTl3ZZyHm61HcB5kmHuAkTAzVaotGJl6K-JnAObCGXmip9fkT5N5GqEejqQzMKM125DjRJV9EINRC8sUGfXKmlCsJDWqXd2ldLkFakxtZHs-1Vj8EhlNbbpc7MRD7Lq&sig=Cg0ArKJSzAWxPQAN72-YEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8171 6 KB
3 KB 606ms
54ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 29359a90-326a-4bc9-9f2c-c647f93fe501
http://www.abbynews.com/ Frame BA59 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.abbynews.com/29359a90-326a-4bc9-9f2c-c647f93fe501
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK d8f570ef-a2c4-4778-b53b-ac7a3aaf26bc
http://www.abbynews.com/ Frame 80BA 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.abbynews.com/d8f570ef-a2c4-4778-b53b-ac7a3aaf26bc
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5218 107 B
165 B 361ms
60ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.abbynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5218 107 B
165 B 4170ms
3836ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.abbynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5218 76 KB
26 KB 302ms
301ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1469079758957104&correlator=1693022838101166&output=ldjh&impl=fif&eid=31063711%2C31063783%2C31063183&vrg=2021111501&ptt=17&sc=0&sfv=1-0-38&ecs=20211119&iu_parts=21849154601%3A1036919%2CAd.Plus-970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=site%3Dblackpress.ca&cookie=ID%3Daa9ed5b5da234b80-227dd5b8dbcb000d%3AT%3D1637286329%3AS%3DALNI_MajKfzkWKwX8zn1pDQpfX3ppzzWSw&cdm=www.abbynews.com&bc=23&abxe=1&lmt=1637286329&dt=1637286329732&dlt=1637286329278&idt=429&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=2&adxs=315&adys=5578&adks=926511643&ucis=9jr73gpeoceu&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fwww.abbynews.com%2F&top=http%3A%2F%2Fwww.abbynews.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=1561706516.1637286330&ga_sid=1637286330&ga_hid=27262187&ga_fc=false&fws=256&ohw=0&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

de6d6135fd8117825be5d34c1c8e96e6aeb4e49dcab238aa98254f39857ad8be

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIzA1PCmo_QCFReE3godD5QKBw&gqi=&layout=/sadbundle/%24csp%253Der3%24/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIzA1PCmo_QCFReE3godD5QKBw&gqi=&layout=/sadbundle/%24csp%253Der3%24/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26295
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 19 Nov 2021 01:45:30 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A09F 6 KB
4 KB 462ms
48ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK script.js Show response
sb.freeskreen.com/publisher/ 85 KB
23 KB 223ms
196ms Script
text/html 18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dabbynews.com&flc=&slc=&windowlocation=http%3A%2F%2Fwww.abbynews.com%2F&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/110/freeskreen.min.js
Protocol: HTTP/1.1
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 93bf6fc5f7161ff39a3c2cd19b8eef0bfc994107a42dfa2ddd568b2d634e2155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:29 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA60-P2
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Content-Length: 22589
X-Amz-Cf-Id: X-D2DR75OiFlq70vpl6tEA9SX1-L_XbNgJZhH6AJWVZ6Kpw1PW5VYw==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F142 6 KB
3 KB 439ms
60ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5218 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26406d5c03b9e3cb5d5325fc5a88088f0a593fdfebaeb9d3a0a948b0376108da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 80BA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e7d64f72f2edb76e15c9c1236ac2440c10f81af30d844bbf780b9ac5d7e8c26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80BA 0
0 126ms
78ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssBzR0p9cAcL2lkjQS-zUfrB8wyryIe27wlDj7YVkNTdQ3s0HkP4aiB_yIkar3oLR45A62KhEoWWL3-1wUXnImdMfLjRgrWuXK6c3k3s5ik9XYNigj1AJZR_RgQzHDySgU0F0is8LDYKmmSVGyHGfV_6p0csFR7GmM5Md2ZbE2Za623i579rS8O3N4Z4S7a5W_tlggtoeR9DgXKdynOKss8ybm-JeAKoJPqL9xJt6ZHwtoWVz4fivZIrMiylUcvrE8ZJuySXCq64MlIQhKA5smV5qVINm3ROzPx0yh9Wz5ecKgzkogOewX-hjSp3sp&sai=AMfl-YTP0J1Uuww001u1A7w2On4JEL8xSWMDJ6dBcVlf5K7F4RJndnA9a-PP-AYANM27R9rdNMFpKr1wOwv-TymjnqDdfiWTFz5rxBGC6UXzObRoHdvepH03eJxOGbA6RGmU&sig=Cg0ArKJSzKTdWqIZqlCREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA59 0
0 109ms
82ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3yohguj6qsI7PUhuDOVHqYdtpUB_2vg6JhR5S0piLGLMs_SkFlgqMF7RWSRhDjf-fLm9sVXKVvhsgYWb4R6JtsR7Gtk9_K-lwd8ttYLZsr4hyQ9taiLFHeoEX_17tuV9q_K_OuoHq6R3XgvyYTgpmB6886N0FUj-iX0Y3Wafh94S9l6zFu_f0zGfqTu531SJlbklYIdCWyZTowuXu2Py0pNQRfHyb98Aa1qqX8hsomnF1HJwMl6fKfZUWb5ZFNpZYf3Y4TYy9PteUjibys0iSuOf_1uOPtj8qfbzSu0IxyjUnc2Z8vGqY&sai=AMfl-YSVI0zDfdOjM9v_Gjx804XTqsE8_sLXWrLGvjYzyRDBfRYnvrRirSvVR0GdoPaC6PycuqxyhXrGB9A0UrtFJDEH6oq_44ssqqawGjkV92rdHyIo67BnQgTjcZuw1Ho&sig=Cg0ArKJSzJAHh8ImrK-QEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
DATA 200
OK truncated
/ Frame BA59 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf112a629025eca8ff03268bcefd7d23ea07e5bce2e9e36826fed2d45ac84711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC78 6 KB
3 KB 273ms
63ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 16 B
343 B 107ms
27ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=5246589270&out=js
Requested by: Host: sb.freeskreen.com
URL: http://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dabbynews.com&flc=&slc=&windowlocation=http%3A%2F%2Fwww.abbynews.com%2F&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 209B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

44ms
14ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: http://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dabbynews.com&flc=&slc=&windowlocation=http%3A%2F%2Fwww.abbynews.com%2F&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 Nov 2021 01:45:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Date: Fri, 19 Nov 2021 01:45:30 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=http://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
http://sb.freeskreen.com/um?sa=436030397313083836

43 B
748 B

35ms
34ms

Image
image/gif

18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sb.freeskreen.com/um?sa=436030397313083836
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:30 GMT
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Cache-control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-Amz-Cf-Id: 0lWjo0CvoiaLj6cprKhUyy4P4t8Rewga8NvA2ZFMAfj-74hemLM24Q==
Expires: -1

Redirect headers

location: http://sb.freeskreen.com/um?sa=436030397313083836
pragma: no-cache
date: Fri, 19 Nov 2021 01:45:29 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

verify
scm.publishers.tremorhub.com/pubsync/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

43 B
182 B

96ms
96ms

Image
image/gif

2600:1f18:612b:4216:faf1:9619:7fb0:de49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scm.publishers.tremorhub.com/pubsync/verify?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Server: 2600:1f18:612b:4216:faf1:9619:7fb0:de49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
date: Fri, 19 Nov 2021 01:45:30 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=http%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
http://sb.freeskreen.com/um?ac={$UID}

43 B
740 B

53ms
52ms

Image
image/gif

18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sb.freeskreen.com/um?ac={$UID}
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:30 GMT
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Server: Apache/2.4.29 (Ubuntu)
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Cache-control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-Amz-Cf-Id: ALTun6zAhzy4kmu9TphGMjM4VIxAVhkuJj1IqioGzwVEA-QJjjpfmg==
Expires: -1

Redirect headers

Location: http://sb.freeskreen.com/um?ac={$UID}
Date: Fri, 19 Nov 2021 01:45:30 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 204 /
loadeu.exelator.com/load/ 0
324 B 138ms
27ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=204&g=1300&j=0
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 container.html Show response
aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4656 6 KB
3 KB 139ms
50ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F1B 6 KB
3 KB 118ms
51ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B78 6 KB
3 KB 51ms
51ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 19 Nov 2021 01:45:30 GMT
expires: Sat, 19 Nov 2022 01:45:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 209B 32 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 410808f5f65fdd05b18ac4d63bc24f770d6b7ec9c6fa70008eca154df72d80ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:00:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10198
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9512
Expires: Fri, 19 Nov 2021 04:35:28 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame BE29 90 KB
23 KB 17ms
15ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: bfUFq3Rxk-EOEtczrsC6NLUGeYNvfK_UJpq94RXEXJyO1uZ5cFpH3Q==

GET
H2 200 4409431827994981065
tpc.googlesyndication.com/simgad/ Frame BE29 19 KB
19 KB 348ms
47ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4409431827994981065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

7ea2b6725d581886b54d1810d714c2321379103d43ca42bf904f722b269287ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 09:24:06 GMT
x-content-type-options: nosniff
age: 145284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19548
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 15:38:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 09:24:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BE29 2 KB
1 KB 346ms
46ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:03:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE29 119 KB
36 KB 484ms
247ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame BE29 0
0 845ms
549ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRed4t1EPTqs2E_CTs4Eyo-32we1bXOYJZ52QfcaWr2AdbMQa8uBIZJHMUqvxilT1r0s2ju
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 215 KB
26 KB 342ms
40ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

dfc752f7c8eb3ebc90d53b7b40dbccf5984da0077440533e0ded2dd847ed83fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Tue, 16 Nov 2021 23:02:31 GMT
expires: Wed, 16 Nov 2022 23:02:31 GMT
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 25669
age: 182579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4656 0
0 82ms
82ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDlryuQGXYcz_L5eI-gaPqKo4qJCuxGaL58Sy3w6Wgs2FiBYQASDG-9Z5YJXikIKgB6ABw9C1_APIAQmpAtYUekckE7M-4AIAqAMByAMCqgSYAk_QqMQVQmx-s0hysRfKzNf-AZ1tPJE1FkjVQrVXXKjQybh3LxBuwryXJxMscNn6WLWnc-iYEVGLeC0NQcPvM6asWad07xqcm9VrwBwcx0IO0KeUNsSHaGJs1YBmvGxqGmxCNr4eAEL8N9PJZBNrOrqkCpp2oP8KYk7tQGiIltR-OXnV_InwEgRLEEbvNfRfpjX16sWZZKI8ysqcvIKXX3FUDWPfPu4y566MtYKxAwnu_2rq5_b4M-JByEvzo7_B1uUvYLRDrl0QzCU49RNn0L-zVkEHZd4VmHvuu29X9M4p1RgkrLGkPPdO-V6bNaESbcoy_SvD6QbQUCnB_oU6aX8taKl1ecslOWjGBMYR9awf1hKxqgu8dw3ABJbU6a_NA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAelr8oDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQwIgK0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04ODk5OTE0MjI5NjY3NTIxgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTQ1NzMyMzE1NTAzNTUyMjEY6qpy&sigh=Dt5-rg4tRhI&uach_m=[UACH]
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET s
googleads.g.doubleclick.net/pagead/drt/ Frame DD0F 0
0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4656 2 KB
1 KB 360ms
59ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:03:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4656 119 KB
36 KB 1237ms
1074ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4656 15 KB
6 KB 359ms
58ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:31:29 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0B78 90 KB
23 KB 10ms
10ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Zx-gK16hbRnrn6ouu7m-AoF_LsxejWflutOFysG1rOiGYmyY0aElyg==

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0B78 19 KB
8 KB 363ms
62ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 00:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 00:53:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0B78 22 KB
7 KB 370ms
68ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 18:51:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B78 119 KB
36 KB 272ms
111ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3F1B 90 KB
23 KB 13ms
12ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: wd_AV3ICo-HVhHfHrI4n2g3DJM6wDwxUH32LPg172G_kpHUNorYXzQ==

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3F1B 19 KB
8 KB 374ms
73ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 00:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 00:53:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3F1B 22 KB
7 KB 380ms
79ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 18:51:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F1B 119 KB
36 KB 783ms
625ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 8171 90 KB
23 KB 17ms
16ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: QCEulSKYg25l5iQgNKZh5T6rpn4CFLrAv8Zeo9h_-pDfBPlhGJJgNw==

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8171 19 KB
8 KB 384ms
82ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 00:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 00:53:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8171 22 KB
7 KB 390ms
89ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 18:51:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8171 119 KB
36 KB 705ms
549ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F142 90 KB
23 KB 16ms
16ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ORWNnwYxrGFJRu_U28IJgIODINSlAeXvXFljJVqr5XQ5v1l0yoqPNA==

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F142 19 KB
8 KB 392ms
91ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 00:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 00:53:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F142 22 KB
7 KB 400ms
100ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 18:51:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F142 119 KB
36 KB 265ms
112ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:30 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 209B 284 B
536 B 31ms
7ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame EC78 90 KB
23 KB 10ms
9ms Script
application/javascript 2600:9000:223e:9800:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:9800:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pJ7RL5cJJu6wHXBdjGTdxPq.ukv9qc4e
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:18:20 GMT
server: AmazonS3
age: 1515
etag: W/"3330048e7c81d7e11dfbac42920c93fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 19 Nov 2021 01:20:16 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: SinjsSRvKsD-DrQYGDmVKY5M32ZurEWcdAwyzpPNONIqhAe_x9k5kA==

GET
H/1.1 200
OK openx
ie1-bid.adsrvr.org/bid/feedback/ Frame EC78 807 B
1 KB 94ms
29ms Image
image/gif 35.71.161.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ie1-bid.adsrvr.org/bid/feedback/openx?t=1&iid=20fcb875-2b0e-4feb-9b39-ffa11f2c67f4&crid=d1fscc88&wp=AAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA&aid=1&wpc=USD&sfe=13ce81b9&puid=&tdid=&pid=xnw5wf7&ag=18izhwm&adv=jh293ro&sig=1SMldXEl_W58nZYdMzVdbLB_F-iNpFBvpPb5ifRKm4PA.&bp=0.11319708177923&cf=1043467&fq=0&td_s=www.abbynews.com&rcats=jte&mcat=&mste=&mfld=3&mssi=None&mfsi=my7764go9n&uhow=122&agsa=&rgz=60326&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=01&mlang=&svpid=543894193&did=&rcxt=Other&lat=53.347000&lon=9.987000&tmpc=11.35&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.&dur=&durs=UJSBm-&crrelr=&adpt=nopx&ipl=/1036919/adunit3&pcm=1&grdc=CAEYASABKAFAAUgC&cx=8903459462156604370&said=801a279d-ca7b-4e84-b93a-afb81b74a233&ict=Unknown&auct=1&cxlvs=0&im=1&mc=da271b67-e366-47ff-86ff-8e9684b49843
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame EC78 27 KB
9 KB 40ms
8ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-5.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 73dd370eaaf28363bf62d9c251faad48f311035cbaacf63ae4e8158077308347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:23:35 GMT
content-encoding: gzip
server: nginx
age: 1315
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: kfys4OIk2ZLN-sr8SD11ny03GuBCwam__C0FHShNuGjzJqtFrOKTeQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame EC78 2 KB
1 KB 343ms
43ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:03:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC78 119 KB
36 KB 6750ms
6726ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Nov 2021 01:45:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame EC78 15 KB
6 KB 340ms
39ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 01:31:29 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EC78 22 KB
7 KB 342ms
41ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Nov 2022 18:51:14 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame BE29 9 B
593 B 132ms
122ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=484755
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8zmUw0IoUh%2BAkzUly%2F3rbulhtqM06mFHcFrhHbruhCRL6jTt1i6SY6T9lVGxUijGgM7zJWX4CSDa%2FcNtncdVJDL3X%2BMPRWxX5lGG8UvwEUiSFE1yoTIe%2FV2RWoyRvATW0YhZjqQuzB5k7szqlK5kqHmdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26d3e0c3233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BE29 0
0 76ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8x2gsAdCGb4nZUJ_gcMv-ZKn5E-MD3LVAZtK2Jcekg_uIM1V4JnSV2EDeKprh-EYej8_inyqe6IPDo6HBk55gAYwxYGPCJGrHKD9DQwr2cC5u4LzhRFZcwpohpWPulK1Bb98wUtq-nxt-uR1k5lIQ-2jk42foic8fdbmArWlQ4Kj63Xt4prsFpnYNhBYZaa2X4luJlE1_Mh56SdIA1FeicZsaWhrts6QIAOnH2TuMbuhKufPod0Uj5EE04T9DZexOc0gdiJcpC2PKcYa4DOSME7seIYbTdPbHe_GQ24ViiSfr6C46iKyom8mKE0nPdHfabw&sai=AMfl-YTBV4dlDaKDdV0FMpSOTkXibkav2EGaOEBnWZAgkwePJraZhAjvpj-2vtWOc27Ssspl9lCWEmq13g1MMlCmTbZry7m6ujV_qfsN9DDjVHWrSBTk8ozZRlzygOYyz_o&sig=Cg0ArKJSzM1ty0WPkCmHEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 394ms
93ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17101303-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2663
date: Fri, 19 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 03:01:07 GMT

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c

90 KB
35 KB

19612ms
19311ms

Script
application/javascript

2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a38a16125a90c77dfb92f9dfb488da253fab6cbae8fe7aa5b531c1201fe3c331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36162
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:30 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c

90 KB
35 KB

1214ms
913ms

Script
application/javascript

2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b65dc83295ab665948b55e2cb22660de9e996664bb3b48db5204d2c7d601bbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36127
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:30 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c

90 KB
35 KB

21899ms
21599ms

Script
application/javascript

2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

755e689193250349a18803167500fe2fe15a5ad4048d7aa9f47dc6ee8e5c5851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36162
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 01:45:30 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
BLOB 200
OK 61618ecd-f948-4009-8ff6-7dc916e0a26d
http://www.abbynews.com/ Frame BE29 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.abbynews.com/61618ecd-f948-4009-8ff6-7dc916e0a26d
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 8743ms
8442ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089468255&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abbynews.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABCAAAAC~&jid=603531447&gjid=337477113&cid=479025384.1637286329&tid=UA-31945348-1&_gid=1263981275.1637286330&_r=1&_slc=1&cd1=OAP_Weather_Widgets&cd2=www-abbynews-com&cd3=accuweather&cd4=OAP_Widget_current&cd5=1&z=1494657061

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 8739ms
8439ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089468255&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abbynews.com%2F&ul=en-us&de=UTF-8&dt=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABCAAAAC~&jid=915176158&gjid=580741276&cid=479025384.1637286329&tid=UA-17101303-1&_gid=1263981275.1637286330&_r=1&gtm=2ouba1&z=702991256

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 0B78 9 B
554 B 139ms
139ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=491725
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy%2FALCxI0t9ctwthXKI51ZMnB9V9OfoL1KZcWacRvxZV0YdZU7T3bFnJKrjq0vxreU3%2BTUL8AkXtnve3uez8CDACydLkNLy6cYCcewD5iPWoD88SA5wf2S3I6YqzEGMIAnqMC2FZccwLmsBmxDuKL%2BFjHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26dbe463233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 3F1B 9 B
557 B 130ms
130ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=188441
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4l6lsLo%2FNoP9m%2Fd2V9nN2zxqW%2BemTTecPX12IeQGEBvOPxHgbRjeVFjL6bE7XnL4rgdyIfExmm1lNjMQ5CXuDAN2L4oyTyHDxf0DB1T%2FC9KfiRiyONSciqWO0Tny%2FU0g2k%2FruPeIGp0ycRpK5iYQZFguw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26dce483233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 8171 9 B
555 B 228ms
228ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=576324
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3u1LB8eqk7YObCnyKJbu0kF6kFsaaGLbBOP6%2B2odQWD9I4CnPFSu5x5KmDUngUTeZS4DW6gQQ8pDhKqIfnKxldRHv84wOq9ZxtK8WKQoJ%2FNccSC9s2lCVRqUT9EQE%2B1Keglyhh7pTRfnOARht2z%2B8nUNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26dce493233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame F142 9 B
555 B 233ms
233ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=786630
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajLSOcFBo5KKBO9vuy0Fsom5Z2oPd05HejcMH2%2FOM4MQniz0r5BWZwGJsFTLIEDu2uvN6cpZMfsWCZP4IyqUp7eMYUk2E9YmVn6q6RZi4RA56loDBk1hA0pp8%2BYbzM1PeYzs72cbnh%2BH9P%2F%2Bt7rswWSL3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26dde603233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame EC78 9 B
556 B 228ms
228ms Image
text/plain 2606:4700:3030::6815:251b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=755339
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0PcA8nYsa5EwCeYDpCg%2BkAFqpLUy51kWvS3MHtQmbnBMZd6b8yNhot1lMVLqX%2BDcPJvAgDXeFB61jKJ5u7pVFjUmI3bBKua9iIXlDb4EQ7JwUvo6%2BN9r%2F4PFh8WMEvu3wE0Q%2Brln8SIFt7QtaO0Ej5Obg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6b05c26dde613233-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
BLOB 200
OK baccd19f-e0b1-4a7d-b545-363fea9fd96a
https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/ Frame 0B78 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/baccd19f-e0b1-4a7d-b545-363fea9fd96a
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK 4e79d3ba-fd10-499c-bf6d-bdb566e36d57
https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/ Frame 3F1B 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/4e79d3ba-fd10-499c-bf6d-bdb566e36d57
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK 9b194437-2c39-4588-be0b-a265e40744ae
https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/ Frame 8171 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/9b194437-2c39-4588-be0b-a265e40744ae
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK 551615c6-637d-4eee-9d4a-730128938164
https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/ Frame F142 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/551615c6-637d-4eee-9d4a-730128938164
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK e1db2aa6-4202-40ee-9816-9c717a54a7b9
https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/ Frame EC78 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/e1db2aa6-4202-40ee-9816-9c717a54a7b9
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC78 0
0 84ms
83ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-T88uQGXYbDALM2HrATfqoLIC4bK5Z5chIHg9s4CwI23ARABIABgleKQgqAHggEXY2EtcHViLTc3OTk5NTQ1NjQ3MTg4MDPIAQngAgCoAwGqBPIBT9BNoLveSESeNTdkM7tNsD2fgIjpzQS9OMHNeE_c1MbR_9b0IrfzISOL4gvgxVKdfiyuDjBrzmeAgSQyNCwi8LqHQrTPGsnjAnqDJH_HRLF7Q_Eye11feO5spv1r9WItCTwPqFEQrRsuHTN8Id-4nxGNu-KHtH2alc-MVZ1TwbVykOs_HEy_lp1JwLNmggBuFSVEKAf-u8DcuNqnmgvYeIZKtPHPQa1DyRgR7brfSSv1PAH-jVbF2fJC36DxwODFyaW2Vh3vfA2qfs3CVG1rtrn5A4kSDiuvCvvLYcnT-v83IjY3IwTLhBbliZokiLNVd-3gBAGABvHjsPTq_OquUKAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc3OTk5NTQ1NjQ3MTg4MDMYx98H&sigh=Yhbc_mcy4P4&uach_m=[UACH]&cid=CAQSPgCNIrLMpFNZGFxsb7geOSvm6ZHKGKQz4r67PMDZ4yXXHmVMV8P4-Ua8pQhDMRjn70fOK83GiPRBHd8Y62o2GAE&tpd=AGWhJmt4OdH0of2iMkjXc0jcxTWw3bZIsbCwS8Z9sPXd6hgBUihQ5JXd9-jzd2qaVqV_TzK9vyKvZ8N1iq5eI9_X07fLjcedqwyXj639BaZg-A5GiwXKJneYaPT-F3Yz-ixsMNTfDQaTyhNUgwBwT5WnSfpyjxoZLgjUJIIc8i6jQeQTl9RR0RO-Nlb2vVXfFUSbpiYmqcLlbDI1mduxmeKlo-LNzcZX2TYwjBrNOV53KNvcdTTsgyjSCfRMfAs_7u-do1DztVkn57WeBBS_V9jRhOtUAxkCzA1vi-0O9Hp5WsDov220XWBhZX7gwk5rcod1PG3iD-1hAFCkVJBRjZA5G6-NrsOsBcLU57FKlr9YAbZobiwMrMdrfx0Z-r1F-Yd7GA0SN8Os2e63eaEVhmq_NvkZKbwXi6Yc15aqn3T4hRAFqX7VQMqA2z6gBuU7Wz3g2rxOB-mxTcC6ifRTJfF71rb79GtFYlYmdRo9NWib6slMWBVwZvtGgoqtWi9TFg5DkkDpYcip-oMXMbdIp9I3tXf7Ua-46E8iXkXJFcWJF1kbWZk3lv-JVvgvUKzjwC3F9r4ge9kZcQ_PzzQNtzpElHBca1uXOobcUcjnLlg_kEVJESZiZKIFzscnlDKu5nTTRbMfMqb_mH2ygxsEZAB538nqdOP6hD66LkchHyPSe1LWpndwxX91Kim2VLlOKfSpXFnwk0UpvoeWc6AUB-nY9q5ANQxcPI9cSeweNlThW_g_leh8K89J5aSH-ilZevZ_ZbJwZuTDj44a-H4G3TwURo2tTgopeXfAxKD9xiR7RBomzFlfk8XSvOrMGx46cB6NRdGBuy2CH5HHowHzvDiUV_kLBJcewQqIkdsfAXbrvtDrj2H0N9XEm61YtBjfHk2qObh8Fy6WMJH9ZOCe4z5NKfDDYt-1Jdfic8ufGLjKhwulLG3ZEymCFzPWRyoAPrOw5kSlsdy51B0sS383zCMaWx95lruCz0PNYqcodnTkAsrvFMQb_OQlNtfXox64TNHN4qxMj97anXQmmnz-v-6HtbQR41is-Zm_zK-VSSQzPTKIFs4shfS5ssEb4MC4FF5_8zqmN-VL8Yx2TL4GSD5wLkZU4ucFWPXoQPBupnBJ8k3HNnfR0Rov-0Gk9P3YGWc3xKZLYu-DUxalge-Dlpf91w3UsNtD8QtiaSIzvHAymESzedNosq5mWzcdQhEXX5CV8_XP
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK kb4bf373gyzl Show response
ad.ad-srv.net/zone/ Frame EC78 10 KB
3 KB 53ms
16ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/kb4bf373gyzl?subid=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6096fbd299208a6d1a8a2ac049767b7c57e786d1fec17e8182489be778cc4872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3244
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad8.ad-srv.net/ Frame EC78
Redirect Chain

https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...
https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90...

2 KB
1 KB

65ms
43ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ba8a62a84d18118eb3f61fe0dbfd5036d86687db5588ac51cb8e3979603edcda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46514000007026200003104011783008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 731
Expires: Fri, 19 Nov 2021 01:45:30 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 19 Nov 2021 01:45:30 +0100

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 415D 16 KB
6 KB 337ms
36ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 23:28:27 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 415D 26 KB
10 KB 338ms
38ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 16:13:39 GMT

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame 7F5E
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=46514000007026200003104011783008&gdpr=&gdpr_consent=
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1637286330_&cachebuster=1637286330&awv=11430_473322_1637286330_60f2ad70-48da-11ec-9d3...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-NTE2ODA3MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzcyODYzMzBfNjBmMmFkNzAtNDhkYS0xMWVjLTlkMzktMjIzNmMwZG...
https://tracking.mlsat02.de/onepixel.gif

43 B
129 B

16ms
16ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

server: nginx
date: Fri, 19 Nov 2021 01:45:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad8.ad-srv.net/ Frame 1A59 3 KB
2 KB 42ms
18ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request.php?zone=kb4bf373gyzl&nw=11&renderingType=javascript&namespace=a1f89b7e4c&subid=&uid=5238afbb0bc0c5ac&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D20fcb875-2b0e-4feb-9b39-ffa11f2c67f4%26ag%3D18izhwm%26sfe%3D13ce81b9%26sig%3Dy00uAvDv5ljv3WpxbcbtDzUFVtflvZm39WXN7LxtOV8.%26crid%3Dd1fscc88%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Dwww.abbynews.com%26rcats%3Djte%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3Dmy7764go9n%26sv%3Dopenx%26uhow%3D122%26agsa%3D%26wp%3DAAABfTXeviYfjsF8mkK9Tu4ADoWjF4CTiPthqA%26rgz%3D60326%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D543894193%26rlangs%3D01%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D11.35%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55EgVIZXNzZRoAIhFGcmFua2Z1cnQgYW0gTWFpbjgBUAeAAQCIAQGQAQA.%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26adpt%3Dnopx%26ipl%3D%2F1036919%2Fadunit3%26pcm%3D1%26ict%3DUnknown%26said%3D801a279d-ca7b-4e84-b93a-afb81b74a233%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26r%3D&documentReferer=http%3A%2F%2Fwww.abbynews.com%2F&ancestorOrigins=http%3A%2F%2Fwww.abbynews.com&random=6417904805635&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 133ac9c0c12f8fbba4504146583046eac8c5e1090e2816d4b7e448c36f139777

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 19 Nov 2021 01:45:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1209
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3

200

pd Show response
us-u.openx.net/w/1.0/ Frame 17E0
Redirect Chain

https://us-u.openx.net/w/1.0/pd?plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37

668 B
436 B

40ms
22ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 8702c37f8cb474dfdf78a05b4b621edef00386f2212fefc8e08eb74d34acfffb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Nov 2021 01:45:30 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
date: Fri, 19 Nov 2021 01:45:30 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 0B78 109 KB
38 KB 458ms
40ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
Origin: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Nov 2021 02:57:27 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 3F1B 109 KB
38 KB 498ms
89ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
Origin: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Nov 2021 02:57:27 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 8171 109 KB
38 KB 532ms
131ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
Origin: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Nov 2021 02:57:27 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame F142 109 KB
38 KB 538ms
150ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
Origin: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 02:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Nov 2021 02:57:27 GMT

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 1A59
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950...
https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&...

1 KB
1 KB

112ms
29ms

Script
text/javascript

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451

Protocol

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0cae1c6bfcf4f135ad1641af2c3ee9031ef0c77759612cb5ad783617a0b7a051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 823
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1A59 0
0 28ms
18ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2950366&v=11430&q=361931&r=473322&pref1=46514000007026200003104011783008&gdpr=&gdpr_consent=
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
ad8.ad-srv.net/ Frame 1A59 0
150 B 43ms
16ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad8.ad-srv.net/viewability?s=46514000007026200003104011783008&a=2105064e&vb=m
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 17E0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66996197-01ba-4a00-a9bf-d199ca4c3733

43 B
180 B

21ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66996197-01ba-4a00-a9bf-d199ca4c3733
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 01:45:30 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=66996197-01ba-4a00-a9bf-d199ca4c3733
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 Nov 2021 01:45:29 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 17E0
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YlqCPGRa2Wl5WI07ZgqWPWQPgzl5Wd5oYlzi_a-v

43 B
61 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YlqCPGRa2Wl5WI07ZgqWPWQPgzl5Wd5oYlzi_a-v
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YlqCPGRa2Wl5WI07ZgqWPWQPgzl5Wd5oYlzi_a-v
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 17E0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8273215590168972827

43 B
106 B

21ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8273215590168972827
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8273215590168972827
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 17E0 70 B
265 B 110ms
38ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=ea983635-3a6a-3c2f-6749-a81175952df8&gdpr=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 17E0 170 B
243 B 133ms
49ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzZmN2U1ZmYtZjMxZC02MjhiLTcyYTktZjJhOGJmNzdlMzk4

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 17E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP03MV0xzNXQf3rIPyJsHDk&google_cver=1

43 B
61 B

21ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP03MV0xzNXQf3rIPyJsHDk&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=dee3cd5c-b02c-4bcc-8a93-5221d8f2af37
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP03MV0xzNXQf3rIPyJsHDk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1A59 33 KB
16 KB 95ms
34ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=49556873&partnerid=473322&gdpr=&gdpr_consent=&page=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 20 Nov 2021 05:24:46 GMT

GET
H2 200 Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 7 KB
3 KB 8424ms
42ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Logo.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5d0bd12db046e2bacf04d499428a48266a64db696ea400c2fa316b3c22f80ce7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 121026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3060
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Wed, 17 Nov 2021 16:08:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:08:33 GMT

GET
H2 200 Button.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 6 KB
2 KB 8425ms
44ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Button.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

9942ca8ac2c3fa19b7f8e43e8dca588c67e62a98d3c594ad48856a71aa0a858c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 182215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2000
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 16 Nov 2021 23:08:44 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 23:08:44 GMT

GET
H2 200 Element_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 12 KB
4 KB 8424ms
43ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Element_3.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

22b733329b495cefdd8fd3c3d50f595e02cede8194a18d6383a4f7ab8d0b1d2c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 182586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4137
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 16 Nov 2021 23:02:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 23:02:33 GMT

GET
H2 200 Typo_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 12 KB
5 KB 8427ms
46ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Typo_3.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

5ddd77cc41840cf3d5a8954d0c020d85dbf21dd38d173d1aa0b673a1bf0fd09c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 224682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4596
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 16 Nov 2021 11:20:57 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 11:20:57 GMT

GET
H2 200 Typo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 13 KB
5 KB 8426ms
45ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Typo.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

7856db2d13b9512509920ac6c93bc002e4286a82d3ee67cf55cd9142049ea838

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 121544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4546
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Wed, 17 Nov 2021 15:59:55 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 15:59:55 GMT

GET
H3 200 Auto.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 10 KB
3 KB 1821ms
1558ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Auto.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4979c352384ce17af97af31451d3d181c46c99de4483a400227d40e909a3ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 138256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3536
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Wed, 17 Nov 2021 11:21:15 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:21:15 GMT

GET
H3 200 Strasse.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 2 KB
1 KB 1822ms
1559ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Strasse.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a4e3fb026d44c8a39e4f33f441a8046cc5ab822e86558889274f4cbbe61178

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 121310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Wed, 17 Nov 2021 16:03:41 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:03:41 GMT

GET
H2 200 Skyline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 40 KB
7 KB 8420ms
40ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Skyline.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

f3e7fabaaa3d13c7eceee2291f67cc3855e589b4705955d72782270fd79010b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 182586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 16 Nov 2021 23:02:33 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 23:02:33 GMT

GET
H2 200 Hintergrund.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 415D 45 KB
6 KB 8427ms
47ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Hintergrund.svg

Requested by

Host: aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

d043ad1f4fd5c41b1297c084d3545d4ee1ce5c2a2a6d87de9f4ee6b089638e1a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 158660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6357
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Wed, 17 Nov 2021 05:41:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 05:41:19 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1A59 7 KB
3 KB 30ms
30ms Script
text/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=49556873;extVars=473322|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2950366&p=https%3A%2F%2Fad8.ad-srv.net%2Fc%2Fp2yhiti6ooj3lvv%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;2814;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=http%3A%2F%2Fwww.abbynews.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dccb5e8ac060d99a5d1bafa0e0a9f50023c551377a45c9981d3bc2bc6248e6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2603
expires: -1

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 1A59 43 B
1023 B 148ms
44ms Image
image/gif 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=45031316&tg=fnmzbbxx&ckurl=1
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.26
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:31 GMT
Server: nginx
X-IPLB-Request-ID: B9D59BA9:D94E_334475B6:01BB_619701BB_FF52FD:2EE03
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36560
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 1A59 90 KB
39 KB 25ms
25ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 20 Nov 2021 05:25:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 1A59 35 B
468 B 33ms
33ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=49556873&csi=sU02maj8_RhwR3IUU6GUh3NOeCDiLY6WWbSfOePB9coJDwKV3Zer3LFEcjw9IAOYLf6HmZwhgOgg8bcfdxJig96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad8.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad8.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 9645718.js Show response
s1.adform.net/Banners/Elements/Files/2068258/9645718/ Frame 78F1 27 KB
11 KB 29ms
28ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/9645718.js?ADFassetID=9645718&bv=514

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

59f9e64914e5176726aa7685e8792f5e4f77706774790a0aedc236632cc6639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 14:12:29 GMT
server: nginx
etag: W/"6093f94d-6db3"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 78F1 30 KB
13 KB 21ms
21ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 tacho2.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 78F1 17 KB
18 KB 24ms
23ms Image
image/gif 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho2.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5bf35e64beb98bace6b719cf94f4ce57e4aea164d5404304b271aef763c9f66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
last-modified: Thu, 06 May 2021 14:12:29 GMT
server: nginx
etag: "6093f94d-45d0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 17872

GET
H2 200 tacho3.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 78F1 12 KB
12 KB 26ms
25ms Image
image/gif 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho3.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b66f7f78425f0541849b31d7662a67254caaa1f222a27964ecc463c159e88e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
last-modified: Thu, 06 May 2021 14:12:27 GMT
server: nginx
etag: "6093f94b-2f8c"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 12172

GET
H2 200 tacho4.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 78F1 12 KB
12 KB 29ms
28ms Image
image/gif 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho4.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8bd079818c58acab6bd8925ca6ea880933994962e5cc83f7f7d4424e5d9d51fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
last-modified: Thu, 06 May 2021 14:12:27 GMT
server: nginx
etag: "6093f94b-2f10"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 12048

GET
H2 200 tacho5.gif
s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/ Frame 78F1 12 KB
12 KB 31ms
31ms Image
image/gif 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/2068258/9645718/bvpath_514/tacho5.gif

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fcf5955999aa707293828168c27771dc76be3cc65d2222100ad5aeaddb803f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad8.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:31 GMT
last-modified: Thu, 06 May 2021 14:12:27 GMT
server: nginx
etag: "6093f94b-2e71"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 11889

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 78F1 43 KB
43 KB 165ms
59ms Font
application/font-woff 52.218.40.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.40.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Referer: https://ad8.ad-srv.net/
Origin: https://ad8.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:32 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: 5J9X3QMF7VE34QJ5
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: ifgfZNp8aYxGnKnwBUibIdnIb38V70s4se/1S3wXjtec9oeLCnKwiJHw1T83FS4qsyuL7UA/Luc=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 78F1 42 KB
43 KB 169ms
63ms Font
application/font-woff 52.218.40.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad8.ad-srv.net
URL: https://ad8.ad-srv.net/request_content.php?s=46514000007026200003104011783008&a=a06b7451
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.40.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Referer: https://ad8.ad-srv.net/
Origin: https://ad8.ad-srv.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:32 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: 5J9MQ7BR2A0C779R
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: 9biCvIoquK+79xMs+19pACL1ybmPf/fZrTrUEXJS9prlXeoJMWiXAwfH3OVsjMacC24hiT5D0I0=

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/51615739/1634927656127/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x250/ Frame 3841 141 KB
64 KB 2329ms
1776ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/51615739/1634927656127/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20144cb579d3aa01d5d941f569255d52db1e2a0bbdcde5358d94f8807c93e2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 65393
date: Fri, 19 Nov 2021 01:45:32 GMT
expires: Sat, 20 Nov 2021 01:45:32 GMT
cache-control: public, max-age=86400
last-modified: Fri, 22 Oct 2021 18:34:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B78 0
23 B 78ms
78ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuUUwFo7ejIEQ4hsXclB-dSHgnXM6a9_FLxlAaa40VJp1JcXI0Wa85VW3AJgUA7yded0oclZ5FNAvCHuZ39JdnKaEKiRgqcDt1byhHQF5FQwmX7qXXmr4BL9du1PcUpnENhoqguxjN-KAu2oSUBGNRuW3BEwmGKe41EroX53LCIyLSrOhMFrAhJpwu6wo3bIJDM_VB_jz2f4b08X7t8cEjzUFrnQzPk-GixrCygdxafGyIyzqdeiJ5BdJH9Dcn6PUXwMFQCb-v8Ma_YfZ47LfeDeCZLV9qG0o1HzwUZrL_-9up6xU3oA&sai=AMfl-YRThOARwOv7_Juy2qfq_07JOVoDh8k8cTrIIB2moGN0o385vSb88hnLC3TRS80bDyg0K9w_HzdPp9cBW_Q48ARSv-W2RnZzBxjuG8dB_hi_Gk53ng2EqoaY5tJuMuk&sig=Cg0ArKJSzNh3oXbwsH5MEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/22571539/1575413112989/PedalToTheMetal_2712-002_BPM_970x90/ Frame A42A 200 KB
111 KB 1830ms
1283ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/22571539/1575413112989/PedalToTheMetal_2712-002_BPM_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cbaa6238609ce74a8edcd3687fe6c96ca91e116258466723f7416032c200dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 113468
date: Thu, 18 Nov 2021 20:52:49 GMT
expires: Fri, 19 Nov 2021 20:52:49 GMT
last-modified: Tue, 03 Dec 2019 22:45:13 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 17562
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F1B 0
23 B 76ms
75ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2v-o3tc1YPbMkQ5Wu0MtBwPAQcQcMB_GbeoXI5vW-yM7WFtdEmwcJ8aSUqBCeGAWK13G5tFtVfu8TV7ga_yVh5ILKqAJpCbbe_C-Rs5LjWT50z5usY9Whh0_YjvxGjsgTAdm-TSazN30MUTFZO8eNXrqlXYeuRryRZjA_-AcmYe2EzMGDwHebB5gYmyojwirYbBTLZ6zftOuVuVem7_RLs5x6sP83xpyIuIno98OW3KitHmSgejQvAz15nA2Siw_tYx9psrXEF8JIqpmUXv9gOYzcRFqGQOHv6PyaBlET0veXZEAq_NxJRmM5u8x_ZBxI7g&sai=AMfl-YTpLHpLBY-2tG1NBYdB9ZI24ZLsOqaewXwjv4nxtFVLDQgMK9RHDOv7kRcXRnQm7t1aONkPrLXEJcz0u5HIs17lJRV5GmQqV3XNX0BSkij4sLOaHL1gxpAV9dndpjM&sig=Cg0ArKJSzCeqjUBWiNM8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/51615739/1634927656085/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x30/ Frame 0647 83 KB
20 KB 1812ms
1269ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/51615739/1634927656085/BPMAE0000011718-001_BENCHMARK_PAINTING_LTD_970x30/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73935fb2994eb72393277c4b0c9b6d05a71510c7bff2d6fd76942b7a2d37c96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 20331
date: Thu, 18 Nov 2021 12:16:35 GMT
expires: Fri, 19 Nov 2021 12:16:35 GMT
last-modified: Fri, 22 Oct 2021 18:34:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 48536
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8171 0
23 B 76ms
76ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhrVtgg-WapOL8HIEYNlA5Gh60S5eITg3gdR7_no2DIQEG8Xry4V-S_Z5XRsHxBP5S7ANE8uOkM7AgyZn0v6B9HrUL1102VY36SZi_mdIv_olDmJuGU_uKC1KRkHxc217N4M8ig4cj-c8kLp5LIB1jMlmyv_e7XjC9pO56iwp24kkrEbfRSiHdbcIY14qEmNjuLtK6LQUdMwtL_eEcIMDujBwR5_ihB6HtyrtMDJ6WK0XpOgYoYmKiuthQGlJPDNGHammZu95FUwlhSNFNNq6V2EvDE6V3SBVsxEwuRlRWw0lC_HJ4mg&sai=AMfl-YSvNJ1BJyvWmrKJSLGnvRnAvXFJf3U1_znPJhl1dxYy88J5biy9-KPJZAR38pKqasW_N1nRuvRuJCKMq18MeGkvOX37M6faQF9v-yVN0uAuWVD3116H_hUqGbRa3nmi&sig=Cg0ArKJSzDycDhH-PhYnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/4836856213/1622569080395/241-000572-001_Natalie_Whitmey_Orders_Rev1_970x90/ Frame C14E 146 KB
68 KB 1822ms
1283ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/4836856213/1622569080395/241-000572-001_Natalie_Whitmey_Orders_Rev1_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f61fc63274277bd4f8ddc13096e6b712dfda6c8b47aa19aa40ad3482fa19aa70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 69567
date: Thu, 18 Nov 2021 16:42:29 GMT
expires: Fri, 19 Nov 2021 16:42:29 GMT
last-modified: Tue, 01 Jun 2021 17:38:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 32582
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F142 0
23 B 76ms
76ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHqv3U936SwRRWvmG3BsI6LQtwhJv2BFZR-iPzcwVF2V7SXNAHQ5Q_rxPWWsF7I6zzqw0O1E-JuB8YdBSWXPz2_SGUINaxz015oe37EQHyIgZLn7Ukt2Sw7tDZx5TRH7d5ATPEJZ35BZ85MkWW6EPZGwdGWyQ8hBtFKx1FXv1TM0_cX916zty0h8_NvdQJ7aoqH5xHc2CaMHGRJvrHoD-IN28ogwywXmTqXsqJedzlRCARNJcmtyI7BjFGhhdssEeDcIu9mhTlfer22SNwaf9w5GfsnqDjJ4Q5GjhvmSLroODny-o8TEOnhkCa1WgZBKL4&sai=AMfl-YT9udob35uJtRuWg231QQRwfcgrvPlin4GS1v2iVpQKH7CEEGeBAzAZkgFC60xGG49li-VTrRb5qDNtiGm-Q4MZa5eqT4le1rSqoVvUEQZWPDzoA7_sOGA0Mxu9Src&sig=Cg0ArKJSzBzWAXSMzFM0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ca Show response
choices.trustarc.com/ Frame EC78 7 KB
3 KB 81ms
18ms Script
text/javascript 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-06ba1787-ca0f-459f-b7ac-df1be6269b78&sid=0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2dda5d1412dd26aadbf27619473bbcf0c6a7003bbe8aaff7397a4e003cd1ff7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:23:38 GMT
content-encoding: gzip
server: nginx
age: 1313
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
content-length: 2414
x-amz-cf-id: JPCHlv-5Lo66exbTs2_ZHYPdY0MDp-fiQRtw3iLF0829G_hNo4depA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame EC78 38 KB
11 KB 83ms
21ms Script
text/javascript 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 05:22:35 GMT
content-encoding: gzip
server: nginx
age: 73376
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: mPlTRZx5TCoVWqGDH4ONw7lpAn8H7t4aNk1BiM9XlqxJhGG_rlFCDw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame EC78 43 B
382 B 170ms
108ms Image
image/gif 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=6aed
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:31 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 3ke4RCrWP4lUlCoZWvb4xBq-1owmO1AGKmlgjK5stCR0iMz-YObYMQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame EC78 287 B
627 B 11ms
11ms Image
image/png 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 20 Oct 2021 06:27:51 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: nginx
age: 2575060
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: HT7C-OC3Kj1-Ywsoei_qljbfEeZvETxLws-UTzCSy_tD63zsA35ASg==
expires: Fri, 19 Nov 2021 06:27:51 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 50B5 287 B
627 B 7ms
6ms Image
image/png 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_d1fscc88&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Wed, 20 Oct 2021 06:27:51 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: nginx
age: 2575060
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: ijMhq_A4lW-BRhLetn6FyLEzQU-9IZUE2Z7Nd0aI0iX7yKz3tHSEnw==
expires: Fri, 19 Nov 2021 06:27:51 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 50B5 739 B
1 KB 7ms
7ms Image
image/png 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
URL: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Sat, 13 Nov 2021 13:36:21 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server: nginx
age: 475750
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: klZjM4Iiggc8Gxmr2t4TMfpLHpeJomDwKv3tAsD9uQgOpIKfYGwJHA==
expires: Mon, 13 Dec 2021 13:36:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F142 0
0 75ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5ZGGhRROX9nrgEmUpzRkiiEDDnlDQAoMsJCWIy4O1Td4IwAjcfKBx9twHxjpmrtlH5dkSY6FphvJ-wlKdHxyiBFb_g3wXGZz2zX4EPuoxJmldUzRFrvfF5CbUJKw9vM6xubseS-VnHzkJJOCwK4Pp2RuKTJHAi6If6Wb3l5wuCxSXllyhcjg9ZsDo7JAw52VvTQiAenfUli-TmSi8fmQPrpPdyhMqYxzEIZkMW0JfD6Ieop9Gfb5Tf3_4j1ANP-KSJgSV0thF5J8FeSY2oefBX3zg9djN_EtfJWiELmfRs3HSM4wE&sai=AMfl-YRsXBfe7J6Eh0hobtTUdTan9NSESYfAJcOWE4hPxz4zO7uZ0RefdDrGiH6c0h-1GDyUTrY8DA6rs18Vpfzz2Wf0vVHgXvKOYTEBnKyTcvS-bPlTyRbhUbX-0Dsw5Zc&sig=Cg0ArKJSzKrarmCY6BipEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:32 GMT

GET
H2 200 a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d
tqe36.flx10.com/ Frame DA3D 28 KB
22 KB 73ms
28ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d?subset=Water%20dmg%2CSin%E2%80%8Bwphl%2EBCos
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 72ccad6dfae41007c5a11bc419d276971f54ffeac0af9ddc4402f486fc7bea26

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:33 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 02:59:41 GMT
server: NetDNA-cache/2.2
x-amz-request-id: H7J3HSF5452AVQC7
etag: W/"db8b90d6037c4eef42c5a2ea7fec4071"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: Db0UZ0ZfosgpCejJGHMOE3c1RRVdXWgQ90MXnvfBzU+ftliub+rOVAsAaYedA7ZYrN66CRxRrU8=
expires: Mon, 14 Nov 2022 01:45:33 GMT

GET
H2 200 73c2f0889c4a8fa84d4c0c3f39bddda410acc364
tqe36.flx10.com/ Frame DA3D 28 KB
21 KB 81ms
37ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/73c2f0889c4a8fa84d4c0c3f39bddda410acc364?subset=Pleas%20noturTmikg%E2%80%8Bpcyfdh%2ExCRS%21139%240IbA
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:33 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 02:53:42 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 1278B042F048B49D
etag: W/"dd719c752659d460d3a55b978fd622c2"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: 0Cd7Fg2A1AKUMLtY5PB0fgEAV+0WC3Rlezrx3xu2thNx4uJiyTDTO+RKgMHgwyXLFJssaMORGi4=
expires: Mon, 14 Nov 2022 01:45:33 GMT

GET
H2 200 037cfb7627ba25453fbe62bee6ac17072c508856
tqe36.flx10.com/ Frame DA3D 45 KB
31 KB 84ms
40ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/037cfb7627ba25453fbe62bee6ac17072c508856?subset=Click%20toBYurEsmaeTdy604%2E8351
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 97d7c5c7cd9b245f8b97026befdfa0743692f6c770aab711443a84aaec524549

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 01:04:27 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8G4Z5Y7WWWBKQ2W2
etag: W/"516c0073254e129d27a76d1460f52032"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: UigMPGhwgaSBYI2oLA+MOlGRCHQPj98PcQW6KjAojmkuvjFSHAwSHZWgd0jiePc+cZSUcS4bJ2s=
expires: Mon, 14 Nov 2022 01:45:33 GMT

GET
DATA 200
OK truncated
/ Frame DA3D 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77ce9426f594aa3b56d8eeeb15bf91871548224c7e5afdd7d4550d7923bda588

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1A59 35 B
468 B 34ms
34ms Ping
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8273215590168972827@@49556873,4939963120358371702,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Z8-jqbOXeiHxBx_RTJEBJySUlu92rMh85N90Pi74WZENDgKdVVzA4Ym3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad8.ad-srv.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:36 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad8.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
DATA 200
OK truncated
/ Frame 4656 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51fcd30ea0320a89286fcccd1d0aa91e63d324d400f265c8ed65363158a92c77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F1B 0
0 75ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWo_phU0XT9n8SOj0k8Ct3L4lIkcK_a3RCP38_PYSlNv3yJQ48akkHI0oXFnHc0Xmbdjf7W9mq6AAjlcQsRG7dqzVuB4VKdI_K_mil_ZfuWbfbFHYcTxO6HsC71eyW_1E-TAD1AuCquS96722x2EYFYwdG3DhtMa_49Xsd1knOFT54D7vrtxTRXf2x9C9AUVYRnxbYfAnu6nW8qDDbuGSBj4fd9xYnwJkdJcWSKTkMQ5uQfTL9ywStIfMn-1O8Yw5g39OdjdaK3mXMV7_FUwAGCqEntXu1P6GZcH948sRvYQE2B_X3yg&sai=AMfl-YQAsvRBFJt08dxmQZje8D84idcOakV9QcQykhl9eJ3Mn7wA9etXIJAR6D2nUu8YdCMWdubIXBOEekLlnUR08oBu-G5tXYQQ9tAbENP4h3su3RRXBzoAdF8L0qwwBg8&sig=Cg0ArKJSzD6zS_gqC1UEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D2B6 304 B
804 B 439ms
52ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:700&text=Dreaming%20ofVct%3FIdulYWsAb%2CBC%26kTvS

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

bd95025b1f073f6308403d3448945d8eb6a3dcbb5b55cc2ba32d672c68ae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D2B6 300 B
350 B 445ms
58ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:600&text=Met%20hArmcaiTvl%21SUBCRIEgoYunbx

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

c9256628255551fc4ddf7449432fbcf4517a7cf4acf247a2943d5e470666cad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0B78 0
0 75ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTwTaAcqGmfr0Ir5zugS1DiuHTPXD6EoV-rbEgtfC-ojZF3EvTxuNYP8MsQ7CN028ccM5fYWqtnh8wJd7mI1pyLIUou0qXjLEp2OeD9Q64hcyvPYzfrSyhHh1jpNSWYn_WrQhhbqqQoa1G9X4bdRpbx73EScUNMO0WqQLN2d2xcbgK8gx-bmMhlF25ci7j8mPcDZn-mjb_68XiWboqSQGn6mHLj_37FsF2iPY07TKi1zoCvp3_9imZCz0EvNRQ_ZkLdlIDzIJXz2TWHJCqJthz1hDDzgEXwK_hPzVE0PVZSclI0f08ZZcf&sai=AMfl-YQcRsMr_Dl0kIrQ9UA5HCTmAqVDtzqjCM5o8AtUhIenQlqhtPUGxIoHyZKfe3KvN9mlVSJVGMjB64CjWlYruk9ca7NeEiZhZiYS6yS0qWVTo3udoTZwyzbCZCd0vTQ&sig=Cg0ArKJSzJvMFPqp0DBCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8171 0
0 75ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv0U3A_a-xIVPPfGSFDYaaZ2EYOjRZTBu2CDR149qpriAoSFxyf3GV108jGT5PzvbbmMDIfVZvdPv-APZvDLHEweW9APUehG9wUqbvzdDd3ieQQ-qr2IpJJkUzxVld3dqY4s9eVuhwyAbYFZkRpy6r4SKrJyOOdsolXib-YBbA0-w8N78W1ZpCtQ23w2osrH_ZxV_8LCyKALcxP6kLWjh1VO3p5meF6MvLRDqSt5f6BBAhn65V9y8wYDPsxXKnN74Wyivjm4KC22X_HKZE3BuU6vAjCzWyS6bK8ECpHEcqbH0DQBjmA2H0&sai=AMfl-YRi3b-UJ8KQayB9JWLM-lRzA_cCFDUasouYRCS8oVXS8Pd0nHY9zzGCIqruvnyJF2TqCYwWsM8oEb-VVxw0_bkDNU4HID8kdub1nYpeDCEJb-ZPndmkhHFXVeRLcqIq&sig=Cg0ArKJSzL83bhLzvKGdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:36 GMT

GET
H2 200 a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d
tqe36.flx10.com/ Frame 3041 28 KB
22 KB 10ms
9ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/a45cac9e1837eb45dd7a02efdcf83e4b69f96d9d?subset=Water%20dmg%2CSin%E2%80%8Bwphl%2EBCos
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 72ccad6dfae41007c5a11bc419d276971f54ffeac0af9ddc4402f486fc7bea26

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:37 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 02:59:41 GMT
server: NetDNA-cache/2.2
x-amz-request-id: H7J3HSF5452AVQC7
etag: W/"db8b90d6037c4eef42c5a2ea7fec4071"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: Db0UZ0ZfosgpCejJGHMOE3c1RRVdXWgQ90MXnvfBzU+ftliub+rOVAsAaYedA7ZYrN66CRxRrU8=
expires: Mon, 14 Nov 2022 01:45:37 GMT

GET
H2 200 73c2f0889c4a8fa84d4c0c3f39bddda410acc364
tqe36.flx10.com/ Frame 3041 28 KB
21 KB 15ms
15ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/73c2f0889c4a8fa84d4c0c3f39bddda410acc364?subset=Pleas%20noturTmikg%E2%80%8Bpcyfdh%2ExCRS%21139%240IbA
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:37 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 02:53:42 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 1278B042F048B49D
etag: W/"dd719c752659d460d3a55b978fd622c2"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: 0Cd7Fg2A1AKUMLtY5PB0fgEAV+0WC3Rlezrx3xu2thNx4uJiyTDTO+RKgMHgwyXLFJssaMORGi4=
expires: Mon, 14 Nov 2022 01:45:37 GMT

GET
H2 200 037cfb7627ba25453fbe62bee6ac17072c508856
tqe36.flx10.com/ Frame 3041 45 KB
31 KB 18ms
18ms Font
application/octet-stream 23.111.9.203
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://tqe36.flx10.com/037cfb7627ba25453fbe62bee6ac17072c508856?subset=Click%20toBYurEsmaeTdy604%2E8351
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 97d7c5c7cd9b245f8b97026befdfa0743692f6c770aab711443a84aaec524549

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:37 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 01:04:27 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 8G4Z5Y7WWWBKQ2W2
etag: W/"516c0073254e129d27a76d1460f52032"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: UigMPGhwgaSBYI2oLA+MOlGRCHQPj98PcQW6KjAojmkuvjFSHAwSHZWgd0jiePc+cZSUcS4bJ2s=
expires: Mon, 14 Nov 2022 01:45:37 GMT

GET
DATA 200
OK truncated
/ Frame 3041 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccfd5f4c0952bc9316d963ec49abf5cdad1c9b19b50c0abd07b92d37b4c9b20f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3041 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5c77aefa17e1f4b88e8c5a32de50ad27a8df57b6f7f4c90e55de667f202529f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 3041 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1fbc1b275734ec725948b439841d3e97ff0b113001fe0d01b35f27f992353de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3041 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34318615f719ba75c1a4d6737b937456c779a1d26bf8182eb92f6b365a76355d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3041 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a093a65cec169ac3081d970a7ec3c627be518f4eda6de57fa8fbbe4f8807414a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BE29 0
0 74ms
74ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLB14LaGpHlAyL2TEzo3ZLh4nJ0EW2dCk3NIaqbjE9kyvf1gRqHsWa8R4FOhQEUG01EcZAgqRhw2B5SoIYomwhAnqMg2ToflKghCzIQIrDcIBteaBujBKBM1Fy5rGYeLodFR9697OZ1y914BrEvYWqmNyMCnipzfnYjhngQzYSy1ah9g8ptaFWZRkV5ZcYEjaGyql2qxLW-mSo9QmIgLLV8SbpmMMG8x3yAErX8NwklBTlr1lKrs-_XJB0B2vLS7sOOepHhzuLsiTGM5UvsD4hfv99_nq8GYdbXT-f6scvhjOYnMEUow&sai=AMfl-YQK1S92QsQE8DQVtTdwooVwwrJt2b8rWUeUI0xH6lrrYxxRNYmyDZG8grE9X-1zGm764XMQ3IFQcq1syfR9u9I69QyXr2aOIGM-P83vCBBZEL8D38dbOLHLzBE-1RQ&sig=Cg0ArKJSzDp6U8X6BsKWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
DATA 200
OK truncated
/ Frame BE29 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e920a3feb3518d564200e0cfc10f1f860bc2e0c9408cfaabfc85624da652cf80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame D2B6 6 KB
6 KB 1059ms
40ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4ie0oe5OhSPXQO1U9tSt2yYtFKPrDJyR3RAJ2Lo_mzjw&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:600&text=Met%20hArmcaiTvl%21SUBCRIEgoYunbx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

ESF /

Resource Hash

eb112c8ea831ff58508ee7e74a8c917d524ea681a844a9ca4fe3a2c066ac74ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 20:40:51 GMT
x-content-type-options: nosniff
age: 18287
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5864
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Nov 2021 20:40:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D27D 252 B
272 B 208ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:regular&text=It%27s%20PedalMYOURDVENSCWTHKLG%26

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8aa9d38d8550a3499c50bcd6ce82a14abfa55b05ba4a480925f4eafb2eecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D27D 270 B
276 B 421ms
262ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular&text=to%20hewi

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3adada42fbe3da29fe00e00313a663cf9f7c8551898543bb1e7ee1dddd422847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D27D 227 B
247 B 421ms
263ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:regular&text=YOURWITH%20KNLEDG%26

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23353d96a0f09f009278cc519ed5f3dfed39e67217aba6e332eef215b0f56f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D27D 272 B
276 B 420ms
262ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700&text=LEARN%20MO

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79d84c6ced6a7ded12a665446b5551109fc2263cfcb447bdc4c67cb122eeec96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D27D 220 B
242 B 419ms
261ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:500&text=SALE

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

711d58efe3fb738b5153c8dcb7b6b96a515f6cf74ac828b47fe69c689005ee4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 01:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 01:45:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 01:45:37 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8171 42 B
497 B 318ms
73ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuF-xtFVr4oovUel1DyQBl8mTRFFws1e35mRpCrT4fsdpqY9p-8aLZ6dTzUMH4Hk-LRMmZqfcFceabp4InDOSHa1aAIyEf_0n-8JFGWrBE9S9YEb96&sig=Cg0ArKJSzCuZTRjcsRitEAE&id=lidar2&mcvt=1001&p=139,315,169,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=635914923&rs=4&la=0&cr=0&vs=4&r=v&rst=1637286329636&rpt=7271&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B78 42 B
108 B 475ms
234ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWosWRTbF9OnNAKIKKUgBop-h0lziBEQPv3PvKIXqOHcj4gTYHyClAbomkJARILQGpepixrZZqrcIW5tF6v8CP6pRygxfn0C2d8pf-8qYt0HkYQVSc&sig=Cg0ArKJSzB_l5VKAj-mCEAE&id=lidar2&mcvt=1005&p=869,315,1119,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3984404392&rs=4&la=1&cr=0&vs=4&r=v&rst=1637286330187&rpt=6706&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D27D 5 KB
5 KB 463ms
76ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvgURwfC62qWPDRGucGzIdcMOpJ8Z2zrr7Hpp6XtBR7sk&skey=653237e53512d0de&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:regular&text=It%27s%20PedalMYOURDVENSCWTHKLG%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

ESF /

Resource Hash

0d51e491358b422c48bfded82dabb3c304ac77378e3d4e58ed3e5d76cf024092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5152
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 17:19:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 01:45:38 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D27D 4 KB
4 KB 440ms
53ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=JTUSjIg1_i6t8kCHKm45xWtz3i7Fv5My7GLo5yJxGysB9OM&skey=7bc19f711c0de8f&v=v18

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular&text=YOURWITH%20KNLEDG%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

ESF /

Resource Hash

10c25f27a480a376f2eda127d97ff4e1f8ee1a9c13cb7e8e50a8d6af305faf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3784
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 17:19:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 01:45:38 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame D27D 4 KB
4 KB 431ms
44ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4ie1AeoMF5EUUw&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular&text=to%20hewi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

ESF /

Resource Hash

e5f4d007fdf8bec0722bd003ab26a2f573bf8e32f3eee6104bee389d9768aa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 06:33:14 GMT
x-content-type-options: nosniff
age: 69144
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4180
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 06:33:14 GMT

GET
DATA 200
OK truncated
/ Frame EC78 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 229145b60edbe7dd3fc2a119da47bfe176a4bbf1b76a496101cb1a551785f331

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame D2B6 6 KB
6 KB 81ms
37ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4ie3ce44UvP3ME3FRtSt68WtJLOLPExhbVBZ6UueO3hDmtlA&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:700&text=Dreaming%20ofVct%3FIdulYWsAb%2CBC%26kTvS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed892e1a27992f4456d1ed692792738e3c2f3f2674e44459df87d29a961ab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 07:25:06 GMT
x-content-type-options: nosniff
age: 66032
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 07:25:06 GMT

GET
DATA 200
OK truncated
/ Frame D2B6 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a44c30559ce751be573fc18c844f40c12dfb4eee1e8da0c8d9b94d83a0b007cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame D2B6 12 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87500265116e879a999a811abeb3bb948de9b9a0b896d812380904382860ae7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame D2B6 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a09cc4f47dccc753fcd4664c49176808db927505be1ea1ca179f6cddda13ca8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame D2B6 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95e9ca0ebd18320b23a6c5515c752844b462810c91dea9763fa675489235e92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 font
fonts.gstatic.com/l/ Frame D27D 4 KB
4 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1y4ie18ehOxcM38Iyg&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700&text=LEARN%20MO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b91657c43e808e2d0a86208e72bd2d843600dbf531f6ff13b57fec3aed3ce7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 21:40:12 GMT
x-content-type-options: nosniff
age: 14726
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4120
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 18 Nov 2021 21:40:12 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame D27D 3 KB
3 KB 117ms
117ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=TK3_WkUHHAIjg75cFRf3bXL8LICs18NvgURwZE_VwnM&skey=653237e53512d0de&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:500&text=SALE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9a952bc350de0b911631be4d8b641cb37bfc751057ab2d202c39a861b61dbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:38 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3012
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 17:19:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Nov 2021 01:45:38 GMT

GET
DATA 200
OK truncated
/ Frame D27D 58 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f95320e734576bc3000a06bffb305e7439c4f19e10fe96bb86f6a75f37a9930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D27D 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e493eca7f112d09fad9bed888b428bba045e1d2c6e68a72966a58622f6fc23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D27D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20d0722f9ca5e2bb2b781d5119763a3f09d519bc39d88dfe4f83ad17b0ebfc6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D27D 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e1bd5aee9aed9156cc04c752373ab18069c1f4beb60a43271782258e086e46e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31945348-1&cid=479025384.1637286329&jid=603531447&gjid=337477113&_gid=1263981275.1637286330&_u=YAhAAEAACAAAAC~&z=40223851

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 01:45:39 GMT
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17101303-1&cid=479025384.1637286329&jid=915176158&gjid=580741276&_gid=1263981275.1637286330&_u=YAjAAUABCAAAAC~&z=1241920444

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 01:45:39 GMT
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 446ms
52ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31945348-1&cid=479025384.1637286329&jid=603531447&_u=YAhAAEAACAAAAC~&z=1511189144

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 445ms
51ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31945348-1&cid=479025384.1637286329&jid=603531447&_u=YAhAAEAACAAAAC~&z=1511189144

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 443ms
50ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17101303-1&cid=479025384.1637286329&jid=915176158&_u=YAjAAUABCAAAAC~&z=1010406313

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 441ms
49ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17101303-1&cid=479025384.1637286329&jid=915176158&_u=YAjAAUABCAAAAC~&z=1010406313

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5218 12 KB
9 KB 217ms
49ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77101d3934d515cd8c227dc53a333e62be8b4c11a376a83ce64b9c04c1ba65a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9236
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5218 0
0 88ms
88ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3HAeph5RmXTJKpYcYmC4aY1iYd0FIgFwCKhsXo-GVF-PGNo5Ji5WtubJy7YuRARUn7GkibvRBd9uG4p1DdvQHw2GR-5NAh5wZFaPevMRqtxQURhp6UivV_Ao7lB4IrCdZTMvZ4HTrvS8Veftailhf7E2HUmH4m8d8BbrmUTg5NCO7eI6YBJv6FLeUA34HYPDft2SxeHpunUe2g_4QvL7HqTHNB3GFg8oRWUc-LZXhk1am4dYWNVMZBIZwFx07cAGAjEST8dkygnbFObMju53dOCrZOc8BaY6QAj1FESIH1-UF5rHV&sai=AMfl-YSin-YHpohhFRJkIKdl6WNp4uwoTDETJnr4aNLDMzr6_rUlKNbErYh3fPVNRjoom5Tf1EpdJWJ_1PqyJAChxQiLxQZGREAujLNmhmxqYodL8vymtXhqNMqSnldWfr4&sig=Cg0ArKJSzOCslXfYz7DUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 19 Nov 2021 01:45:41 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5218 17 KB
7 KB 50ms
50ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js?31063783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 19 Nov 2021 01:45:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 13D8 12 KB
5 KB 39ms
39ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 18 Nov 2021 21:31:05 GMT
expires: Fri, 18 Nov 2022 21:31:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CDBC 783 B
534 B 100ms
49ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

882472f61b03f7ccbe400b8626fd7be9795dfc20f0c0502b8cacf2c1d30e5a8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P6o0TMMo6UmY09Y+T/yf0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 19 Nov 2021 01:45:41 GMT
date: Fri, 19 Nov 2021 01:45:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-P6o0TMMo6UmY09Y+T/yf0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 13D8 35 KB
13 KB 216ms
168ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:51:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 17:51:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CDBC 0
0 91ms
90ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=1469079758957104&rc=
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5218 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=1469079758957104&bg=!6eql6q7NAAZQLpa_UC47ACkAdvg8WkGyn3z9Y126p6VutUgO0lio71677wEzQbsuiz9-zVgrc1RGPgIAAABXUgAAAAxoAQcKAIkrzlHJ9_cezJqCuB0DZ4FtD2ILBxK4CMYe64k4hdKNhQaP43DwJFTOMp4BsAle975Lyz605Ee2-ES_T3uscyUdIarwisoyrqO3O0qhuWarLdBvad797x3QnTd8VaRPaCAjuygRsItdqcTmsVHpLjvgyTkMaNYu-OefRJoR6IZib0ZB1VmdvPY5cZkC4VR_OgkvkQSenknTdTlDtBOvo2ZUYgqb1U2O002s0BEBXagQeJR5HJDMpJ6o7TLBdeV_JnplSdEFWjvSFMIfbmliU1PWqGR0duA8_sLiNWa7LLVZ9WsT0HUwJiWgb8UuAanBQaV1LzeHZ4dIGFnYRX8ysFOqAWqBtWszgCMLLowDCQ5emZP6BbLN1tpdAlJpYODd9QTG42lOfSwj9TfjogYpN5Bja90a5t3l_h3XgUm7GNA5J00IL6O5mpW3SkO3MYbXMI5f6FSR5ylNgiKFn5gWL6vTgYrkB28xeSOYfiDiEv9YiLKW55gXJa6nE9QY8wclMnddAcBNyltz8QhvP5LQXR0snvCZwZMvGOdnb_4Cv7zN6Vx5Fcev-hrOUKhSWZSwLUuzrIkDsROH_noXFs-itywsu1aaUfA0Ui9f_tOBMSVlgb5G3oSatLtgSeMLgf87TT2NgloIvBR4D-PGqktr8p0KwE3yUBup_ohJVT1X1khP1N-hcDP8PXawaTsX0UCii8jR9UoZ-OZBylOhFdXO_2eenJ8_51KzSyNJBjI_b29dAaBK3qNcFHkNNmwOW-rYi7tWfmlS-RYe-2eGuqGLnvl5lSLkkT4qXxs3QZSW6hb6L9BOlH2H8AxbC8eHCrzUI0IKw1Xk6KQD0QLRy2wx6sQOhVpN9XRz8q5N0RzS2ncmYipCILGJmGHH8_VBTs4QjMWJN9x_c_7F6Gp26keTt6vPfvamzP-isKSCQgEX4X5a8A62XmS5IqSHKTK8PuG8KWexDTZQgoL_u2DkEhFq6Kfq7q_HsnICa5UYlW-EN86u-kmHiT80vthfQwFqKhHA2YGuXKFLqZg7IOO9wkqIYa70K1kcQGgUM8Sr3sTkn6LaL3VBe2Yk-4iIcXe4vU96DF1gOhN1Flo1DtBTTfDNXj6WMe8iNrrCHjuvwHDBlYPEhAVLJGPdHq6g0C0lPk4EzWChOb0uQkWpaQWDudJo

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 97ms
96ms Image
image/gif 52.6.232.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=abbynews.com&p=%2F&u=CTvajlCRWB1JDVVl2-&d=abbynews.com&g=65935&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=9569&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3763&t=szIhkCvRKbxBp5InwD2w2E3DhL8cM&V=129&tz=0&sn=2&sv=mj1WhCF3gKHCjZJaqZ2vU4D4TLQj&sd=1&im=047b0ffe&_
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: HTTP/1.1
Server: 52.6.232.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-232-190.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:44 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H2 200 te
api.dosomegood.ca/l/ 0
381 B 579ms
198ms Ping
text/plain 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/l/te

Requested by

Host: files.dosomegood.ca
URL: http://files.dosomegood.ca/scripts/p/w/dsgw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-response-time: 10ms
date: Fri, 19 Nov 2021 01:45:48 GMT
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID,X-Backoff
content-length: 0
expires: Fri, 19 Nov 2021 01:45:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 720ms
720ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089468255&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abbynews.com%2F&ul=en-us&de=UTF-8&dt=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=759088449&gjid=1325061284&cid=479025384.1637286329&tid=UA-17099191-2&_gid=1263981275.1637286330&_r=1&gtm=2ouba1&z=974528775

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-17099191-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2685
date: Fri, 19 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 03:01:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 711ms
711ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089468255&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abbynews.com%2F&ul=en-us&de=UTF-8&dt=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=316756632&gjid=482232757&cid=479025384.1637286329&tid=UA-17099191-1&_gid=1263981275.1637286330&_r=1&gtm=2ouba1&z=211892948

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 43ms
22ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-1&cid=479025384.1637286329&jid=316756632&gjid=482232757&_gid=1263981275.1637286330&_u=aAjAAUABCAAAAC~&z=1213838987

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 01:45:53 GMT
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
23ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-2&cid=479025384.1637286329&jid=759088449&gjid=1325061284&_gid=1263981275.1637286330&_u=aAjAAUABCAAAAC~&z=956700597

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 01:45:53 GMT
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-1&cid=479025384.1637286329&jid=316756632&_u=aAjAAUABCAAAAC~&z=2133599319

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 357ms
56ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-1&cid=479025384.1637286329&jid=316756632&_u=aAjAAUABCAAAAC~&z=2133599319

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 144ms
143ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-2&cid=479025384.1637286329&jid=759088449&_u=aAjAAUABCAAAAC~&z=1412989788

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 365ms
63ms Image
image/gif 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-2&cid=479025384.1637286329&jid=759088449&_u=aAjAAUABCAAAAC~&z=1412989788

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1089468255&t=pageview&_s=1&dl=http%3A%2F%2Fwww.abbynews.com%2F&ul=en-us&de=UTF-8&dt=Abbotsford%20News%20%E2%80%93%20Abbotsford%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=1658121119&gjid=125496695&cid=479025384.1637286329&tid=UA-17099191-9&_gid=1263981275.1637286330&_r=1&gtm=2ouba1&z=1968878188

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 22ms
6ms Script
application/javascript 151.101.194.137

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.abbynews.com
URL: http://www.abbynews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: 4D8AQJC9VY2BJ6SC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: 2zU/m4ipcLnwAzgK66gM+c3M9MgsnZuv0e1Z9Z0e2/grnwun00VKLoxTIndc+jWu58DNxwidji8=
x-served-by: cache-hhn4024-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1637286354.364970,VS0,VE0
date: Fri, 19 Nov 2021 01:45:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2292

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/ Frame 3DC5
Redirect Chain

https://bcp.crwdcntrl.net/5/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

1 KB
2 KB

46ms
46ms

Document
text/html

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: http://tags.crwdcntrl.net/c/14236/cc.js?ns=_cc14236
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b85817e55e3484f29fbbf766e24ab7f8661a1759a4c263d07f5281a59e25b4d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/

Response headers

date: Fri, 19 Nov 2021 01:45:54 GMT
content-type: text/html;charset=utf-8
content-length: 1354
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.30.156
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Fri, 19 Nov 2021 01:45:54 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.31
server: Jetty(9.4.38.v20210224)

GET yql
query.yahooapis.com/v1/public/ 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 48ms
48ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1618e842eb77841ef358fbd536f32c5b5b027813c3c0e44e3b718c7acb021c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9262
x-xss-protection: 0

GET e4824da135
bam-cell.nr-data.net/1/ 0
0

GET
H2 200 382416.gif
idsync.rlcdn.com/ Frame 3DC5 42 B
417 B 59ms
21ms Image
image/gif 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=1ef3da7e17e152f9642b6c0323f04d7a&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 01:45:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET insync
thrtle.com/ Frame 3DC5 0
0

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 3DC5 62 B
304 B 188ms
153ms Image
image/gif 104.89.42.102

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=e52c9d8e0685161c7ada5e3b82d6cd4e
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.42.102 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:54 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 3DC5 103 B
415 B 83ms
18ms Script
application/json 35.176.195.187

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.195.187 -, , ASN (),
Reverse DNS
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:54 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 3DC5 42 B
232 B 82ms
8ms Image
image/gif 3.127.253.208

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=1ef3da7e17e152f9642b6c0323f04d7a&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.253.208 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 01:45:54 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 3DC5 43 B
422 B 129ms
28ms Image
image/gif 52.208.138.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=1ef3da7e17e152f9642b6c0323f04d7a&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14236/rand=407076047/pv=y/int=%23OpR%2396012%23www.abbynews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 01:45:53 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Fri, 19 Nov 2021 20:45:54 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-9&cid=479025384.1637286329&jid=1658121119&gjid=125496695&_gid=1263981275.1637286330&_u=aAjAAUABCAAAAC~&z=1972420384

Requested by

Host: www.abbynews.com
URL: http://www.abbynews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.abbynews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 01:45:54 GMT
content-type: text/plain
access-control-allow-origin: http://www.abbynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 01:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 19 Nov 2021 01:45:54 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
0 49ms
49ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-9&cid=479025384.1637286329&jid=1658121119&_u=aAjAAUABCAAAAC~&z=1158963823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.abbynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 01:45:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F955 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame E1FC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Domain: query.yahooapis.com
URL: http://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text%3D%27%20V2S%202H5%27)%20and%20u%3D%27c%27&format=json

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/1/e4824da135?a=96620560&v=1212.e95d35c&to=NFVWZ0YCCERXAkxeXQ0fYUFdTA9ZUgRAGUILQA%3D%3D&rst=29094&ck=1&ref=http://www.abbynews.com/&ap=1372&be=702&fe=29063&dc=3703&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1637286325282,%22n%22:0,%22f%22:235,%22dn%22:235,%22dne%22:265,%22c%22:265,%22ce%22:271,%22rq%22:271,%22rp%22:601,%22rpe%22:710,%22dl%22:604,%22di%22:3703,%22ds%22:3703,%22de%22:3732,%22dc%22:29062,%22l%22:29063,%22le%22:29083%7D,%22navigation%22:%7B%7D%7D&fp=3763&fcp=3763&at=GBJVEQ4YG0o%3D&jsonp=NREUM.setToken

Domain: thrtle.com
URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=1ef3da7e17e152f9642b6c0323f04d7a

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-9&cid=479025384.1637286329&jid=1658121119&_u=aAjAAUABCAAAAC~&z=1158963823

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.abbynews.com/	1970-01-19 22:58:11	Name: AWSALB Value: QCtshE31avXa7F7zJt4MOpdHnCuZysj3XNGY/S9/3uJ8xKm1wYU4MGJCuP1KUVUp5e+ZxdRExqrVsdUtcdMdIPKXzlETh436euE5oLcum34ETL0q6hJanheDhvZW
www.abbynews.com/	1970-01-20 02:09:42	Name: blaize_session Value: 7b1ad0e4-3b2b-4a8c-a89e-488faab46288
www.abbynews.com/	1971-01-19 22:48:06	Name: blaize_tracking_id Value: 2a834166-5666-41a7-928a-7bf81bee4f21
www.abbynews.com/	1970-01-20 08:16:54	Name: _cb_ls Value: 1
www.abbynews.com/	1970-01-20 08:16:54	Name: _cb Value: CTvajlCRWB1JDVVl2-
www.abbynews.com/	1970-01-20 08:16:54	Name: _chartbeat2 Value: .1637286329001.1637286329001.1.mj1WhCF3gKHCjZJaqZ2vU4D4TLQj.1
www.abbynews.com/	1970-01-19 22:48:08	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-20 08:09:42	Name: IDE Value: AHWqTUlyInGr5-AiDR_0udDPswHRacHrCL72S2dJQhZS4gouXBrGaXlP8TBeAzHg6Yw
www.abbynews.com/	1970-01-19 22:58:11	Name: AWSALBCORS Value: qA9/kKAJ03dPaY0o2T972y4pWEkhAAi0k3W++iepQrzwKcdB3sII1qxl6vGMI3k03Danbblayl/Y3Kv0BH8yhOVZ3sxTUcd+zZ9jkoIGR1ozdQXmsr6bkCOEZ+00
.doubleclick.net/	1970-01-19 22:48:07	Name: test_cookie Value: CheckForPermission
.smartadserver.com/	1970-01-20 08:16:54	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 08:16:54	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/	1970-01-20 08:16:54	Name: pid Value: 436030397313083836
.smartadserver.com/	1970-01-20 08:16:54	Name: pdomid Value: 11
.abbynews.com/	1970-01-20 08:09:42	Name: __gads Value: ID=059a925b7d8af29b-227fae34d6cb009a:T=1637286329:S=ALNI_MYn7kn711GxAAG9q58UGrSINUMTow
.admanmedia.com/	1970-01-20 07:33:42	Name: admtr Value: 4313a8925331bb87216a59b53a3a4883b5132b98
.tremorhub.com/	1970-01-20 07:34:03	Name: tvid Value: a47a39f2fa7446f1ba4063cd6524b2ea
.abbynews.com/	1970-01-20 16:19:18	Name: _ga Value: GA1.2.479025384.1637286329
.abbynews.com/	1970-01-19 22:49:32	Name: _gid Value: GA1.2.1263981275.1637286330
.abbynews.com/	1970-01-19 22:48:06	Name: _gat_awxoapTracker Value: 1
.abbynews.com/	1970-01-19 22:48:06	Name: _gat_gtag_UA_17101303_1 Value: 1
.adsrvr.org/	1970-01-20 07:33:42	Name: TDID Value: f1aaed3c-1689-4153-bd81-8c5721138b6e
.adsrvr.org/	1970-01-20 07:33:42	Name: TDCPM Value: CAEYBTgBQgQiAggB
.ad-srv.net/	1970-01-20 00:57:42	Name: pwzdy6wsn8n7_uid Value: ea99c65fdf4f14c2
.openx.net/	1970-01-20 07:33:42	Name: i Value: 3934096c-93ed-03d8-3d9f-60f911b21e05\|1637286330
.awin1.com/	1970-01-19 22:52:25	Name: awpv11430 Value: 473322\|1637286330\|60f51e70-48da-11ec-a546-22340e667dce
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 361931:2950366
.openx.net/	1970-01-19 23:09:42	Name: pd Value: v2\|1637286330\|gekin0vNiygu
.creative.mlsat02.de/	1970-01-20 00:14:30	Name: trs Value: 51680730%3B908cbadb724971cc9012ced767276cc8%3B11430_473322_1637286330_60f2ad70-48da-11ec-9d39-2236c0dc0c5d%3B
.mathtag.com/	1970-01-20 08:14:01	Name: uuid Value: 66996197-01ba-4a00-a9bf-d199ca4c3733
.adform.net/	1970-01-19 23:31:18	Name: C Value: 1
.adform.net/	1970-01-20 00:14:30	Name: uid Value: 8273215590168972827
.telekom.de/	1970-01-19 22:52:25	Name: viewvpnr Value: MetaPeople\|pv-NTE2ODA3MzA7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MzcyODYzMzBfNjBmMmFkNzAtNDhkYS0xMWVjLTlkMzktMjIzNmMwZGMwYzVkOw..\|VB1049\|59814\|59814\|1-1105148698\|\|4001780
.adform.net/	1970-01-19 22:58:11	Name: TPC Value: 1637286331131
.quantserve.com/	1970-01-20 00:57:42	Name: d Value: EM8BDAHhJIqsMA
.quantserve.com/	1970-01-20 08:18:20	Name: mc Value: 619701bb-3602a-60d82-2ec67
.aaa.artefact.com/	1970-01-20 07:33:42	Name: trscj Value: MTYzNzI4NjMzMXxMM1J5WTJzdlpYWnBaWGN2T1RBNFkySmhaR0kzTWpRNU56RmpZemt3TVRKalpXUTNOamN5Tnpaall6Zy9aWGgwWDNCMVlteHBjMmhsY2w5cFpEMDBOek16TWpJbVlqMHhKbTV2UFRFbVkzUnBaRDAwTlRBek1UTXhOaVowWnoxbWJtMTZZbUo0ZUNaamEzVnliRDB4fGFIUjBjSE02THk5aFpEZ3VZV1F0YzNKMkxtNWxkQzg9
.abbynews.com/	1970-01-19 22:48:06	Name: _gat_gtag_UA_17099191_2 Value: 1
.abbynews.com/	1970-01-19 22:48:06	Name: _gat_gtag_UA_17099191_1 Value: 1

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=529064 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=346034 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=383075 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html".
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=484755 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=188441 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=491725 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=576324 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=786630 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=755339 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://query.yahooapis.com/v1/public/yql?q=select%20%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text%3D%27%20V2S%202H5%27)%20and%20u%3D%27c%27&format=json Message*: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aa5abbbb2ddecc2ab395451e74463989.safeframe.googlesyndication.com
aaa.artefact.com
abbynews.com
ad.ad-srv.net
ad.crwdcntrl.net
ad8.ad-srv.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analyticssystems.net
api.dosomegood.ca
bam-cell.nr-data.net
bcp.crwdcntrl.net
c1.adform.net
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
content.jwplatform.com
creative.mlsat02.de
cs.admanmedia.com
d3plfjw9uod7ab.cloudfront.net
dc9d571675fe5e7415ec8d1e7a2bd3cb.safeframe.googlesyndication.com
ebs08.telekom.de
eu-u.openx.net
eus.rubiconproject.com
files.dosomegood.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idsync.rlcdn.com
ie1-bid.adsrvr.org
image.issuu.com
includemodal.global.ssl.fastly.net
js-agent.newrelic.com
loadeu.exelator.com
match.adsrvr.org
ml314.com
oap.accuweather.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
platform.twitter.com
query.yahooapis.com
rechtstexte.s3.amazonaws.com
s0.2mdn.net
s1.adform.net
sb.freeskreen.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.freeskreen.com
stats.g.doubleclick.net
sync.mathtag.com
sync.sharethis.com
sync.smartadserver.com
syndication.twitter.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tqe36.flx10.com
track.adform.net
tracking.mlsat02.de
us-u.openx.net
vortex.accuweather.com
ww1772.smartadserver.com
www.abbynews.com
www.accuweather.com
www.awin1.com
www.canadianevergreen.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.westcoasttraveller.com
bam-cell.nr-data.net
googleads.g.doubleclick.net
query.yahooapis.com
thrtle.com
tpc.googlesyndication.com
www.google.com
www.google.de
104.111.214.80
104.111.239.217
104.244.42.136
104.89.42.102
13.32.121.5
13.32.99.88
138.201.63.150
142.250.184.198
142.250.185.130
142.250.185.170
142.250.185.97
142.250.186.100
142.250.186.129
142.250.186.130
142.250.186.66
142.250.186.98
146.148.100.136
15.197.193.217
151.101.129.194
151.101.194.137
172.217.16.131
18.66.122.126
18.66.97.9
185.29.132.241
185.86.137.32
185.86.138.143
216.58.212.131
23.111.9.203
23.37.42.132
2600:1f18:612b:4216:faf1:9619:7fb0:de49
2600:9000:223c:a000:18:1fcd:34f:cdc1
2600:9000:223e:9800:13:a391:88c0:21
2600:9000:223f:4800:1:a3fa:7cc0:93a1
2600:9000:2240:6200:16:8147:1b00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3030::6815:251b
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9b
2a04:4e42:400::622
3.127.253.208
34.98.64.218
35.176.195.187
35.244.174.68
35.71.161.21
37.157.2.249
37.157.3.29
37.157.6.245
51.178.130.209
51.68.117.182
52.208.103.128
52.208.138.90
52.218.40.250
52.222.214.123
52.222.214.75
52.6.232.190
54.78.254.47
66.209.187.158
69.173.144.165
78.46.90.238
80.158.66.20
88.214.206.142
91.228.74.226
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
07989fce6a6a8a3e2d6a809effa05f2530edc3b4bd2ce0d4075d9754dc4b0e9b
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cae1c6bfcf4f135ad1641af2c3ee9031ef0c77759612cb5ad783617a0b7a051
0d51e491358b422c48bfded82dabb3c304ac77378e3d4e58ed3e5d76cf024092
0e1bd5aee9aed9156cc04c752373ab18069c1f4beb60a43271782258e086e46e
10c25f27a480a376f2eda127d97ff4e1f8ee1a9c13cb7e8e50a8d6af305faf2e
10d3caf1dad9a34df417d3de2ad9bc5010a9335507c8a419123f9c83ebeff7f6
133ac9c0c12f8fbba4504146583046eac8c5e1090e2816d4b7e448c36f139777
1618e842eb77841ef358fbd536f32c5b5b027813c3c0e44e3b718c7acb021c1c
19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60
1eb4cc742aefcfa05485e1b50ca6976bf41ee40577c87465dcb60851209d5a53
20144cb579d3aa01d5d941f569255d52db1e2a0bbdcde5358d94f8807c93e2d4
20d0722f9ca5e2bb2b781d5119763a3f09d519bc39d88dfe4f83ad17b0ebfc6e
229145b60edbe7dd3fc2a119da47bfe176a4bbf1b76a496101cb1a551785f331
22b733329b495cefdd8fd3c3d50f595e02cede8194a18d6383a4f7ab8d0b1d2c
23353d96a0f09f009278cc519ed5f3dfed39e67217aba6e332eef215b0f56f65
26406d5c03b9e3cb5d5325fc5a88088f0a593fdfebaeb9d3a0a948b0376108da
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
2c9d5b2959e5a8775d1f4b4af8600829d1551f9bac5923e8df25e4c9c655c970
2dda5d1412dd26aadbf27619473bbcf0c6a7003bbe8aaff7397a4e003cd1ff7e
2e7d64f72f2edb76e15c9c1236ac2440c10f81af30d844bbf780b9ac5d7e8c26
31e5d47b21272f0b35b881201a91486ad2ebdbea27bb88c294e910d00de6a18b
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
34318615f719ba75c1a4d6737b937456c779a1d26bf8182eb92f6b365a76355d
345ca3259b1829c754a5a144e3e96c92419a5d31b6baa132994bb1135c6bbb91
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
393eb38f12a9ed5a3d6f17742d4feabd71a799c284c132372c9379c14d7cd183
3adada42fbe3da29fe00e00313a663cf9f7c8551898543bb1e7ee1dddd422847
3bf8f52f9448cc816908d39b935d5b5414ce0daf3235c0a85d84ea750ad6c87d
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410808f5f65fdd05b18ac4d63bc24f770d6b7ec9c6fa70008eca154df72d80ee
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c416724ef1efdb2a2fd4b5c022b9e0dd5087505734c91cc7b0783eef30898f7
4d74d7a1dc5eae37e46236249dc28454c0fea535c807509461b7a65d5e142cbf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eecd11b7c5edcb48e0f17a117e40361ce82605e0d6d1d2d3bd5636eaa0ce28f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fff7ee903871c35f188be4974cfccb25af2907814e3d056501b3bdede51c164
512e85e4418b5738960fee9161282405c08040d8ca8b055fced68ca1a053b455
51fcd30ea0320a89286fcccd1d0aa91e63d324d400f265c8ed65363158a92c77
52aab9dcbbca180d97592aff586e675c97e44f2f2542284d532cb1cfecaa1377
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
59f9e64914e5176726aa7685e8792f5e4f77706774790a0aedc236632cc6639e
5aeae9effa57334a2f01fe5bc138d28d2a378a9fa24b94bb37dcb5dc23135e86
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf35e64beb98bace6b719cf94f4ce57e4aea164d5404304b271aef763c9f66f
5ca472b21f7866fbc2ac81e93d24a1064405e015259224537236a99d9539af43
5d0bd12db046e2bacf04d499428a48266a64db696ea400c2fa316b3c22f80ce7
5d18201d90e5d9aa77119e14de2630961ce2ab878477815f90538fd3fc4addd8
5ddd77cc41840cf3d5a8954d0c020d85dbf21dd38d173d1aa0b673a1bf0fd09c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6096fbd299208a6d1a8a2ac049767b7c57e786d1fec17e8182489be778cc4872
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
63d51359b36029090121b5e5c40e9f64a8ca82e6be2e4b64289256b81edb7c7a
640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565
64d34721cb9e0b80a21deb60608f3000e9d4121e69b8b8ac79852f28fce4e19a
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6ab6cdd5c7095349f243cd1f3ed712b73ce99f7fbc3fbbe315f91ca21a8533f6
6add0458630d0a43fa3b3cf9bc1a96f2d34427ed8b18be145d0904dd87f2c129
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f95320e734576bc3000a06bffb305e7439c4f19e10fe96bb86f6a75f37a9930
70642c0422d4b5bfd419d065514d61cf9a3704002eccd116b362fd1699e3711d
711d58efe3fb738b5153c8dcb7b6b96a515f6cf74ac828b47fe69c689005ee4b
7127dc4aa860fed296891b72a6f0af42d8a4f0b8e78f9adbd0bb53b1c6d1d28e
71908bbd021be57f07ad6d59f0274577a2bde6c97d4947d4edfee085a2b5cd49
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72ccad6dfae41007c5a11bc419d276971f54ffeac0af9ddc4402f486fc7bea26
73935fb2994eb72393277c4b0c9b6d05a71510c7bff2d6fd76942b7a2d37c96b
73dd370eaaf28363bf62d9c251faad48f311035cbaacf63ae4e8158077308347
74907f2867792dac05812345f5e572c44e7b5f64c1239de7fd27813b636e37a5
755e689193250349a18803167500fe2fe15a5ad4048d7aa9f47dc6ee8e5c5851
75a9f8df29f845fac007bb1d5b15e187c6285642cbd29c02cfbac894934f9f75
77101d3934d515cd8c227dc53a333e62be8b4c11a376a83ce64b9c04c1ba65a1
77ce9426f594aa3b56d8eeeb15bf91871548224c7e5afdd7d4550d7923bda588
7856db2d13b9512509920ac6c93bc002e4286a82d3ee67cf55cd9142049ea838
7950d8299b3aecd546487fa55f8c104d3ae1e6fe6e1026d8194de2ec2feb03af
79d84c6ced6a7ded12a665446b5551109fc2263cfcb447bdc4c67cb122eeec96
7a09cc4f47dccc753fcd4664c49176808db927505be1ea1ca179f6cddda13ca8
7cbaa6238609ce74a8edcd3687fe6c96ca91e116258466723f7416032c200dab
7db82ef7cdc624a599e540172d2d2ba7fc35cff38bb34f4b17dd4c57b5532da8
7ea2b6725d581886b54d1810d714c2321379103d43ca42bf904f722b269287ff
7fd4991e3556bf1369e5efd59761acdd9abedab022cd2599a0cff46b2e03ee8f
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847828ce76d2de856454fd299bb28a970df5c2a07496aa8372d82482f47b46a9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850308b864399fef2dc45a80743a557e3b9b4f2476062da0a62f0b6df05c89eb
8702c37f8cb474dfdf78a05b4b621edef00386f2212fefc8e08eb74d34acfffb
882472f61b03f7ccbe400b8626fd7be9795dfc20f0c0502b8cacf2c1d30e5a8f
8a8bcd311e85e8e980194f91bcfadff7088d6447ec4f19539a49dd231b9b1a16
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bd079818c58acab6bd8925ca6ea880933994962e5cc83f7f7d4424e5d9d51fb
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9230cfbbe8657ebc18bc1a1c4c1d9498a97757178487b910da35e0784b8b3110
93bf6fc5f7161ff39a3c2cd19b8eef0bfc994107a42dfa2ddd568b2d634e2155
95e2e1c013730664495de19081bd85256322fe6c6447a25b15f429ae02a3699e
95e9ca0ebd18320b23a6c5515c752844b462810c91dea9763fa675489235e92e
97d7c5c7cd9b245f8b97026befdfa0743692f6c770aab711443a84aaec524549
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9942ca8ac2c3fa19b7f8e43e8dca588c67e62a98d3c594ad48856a71aa0a858c
996baad2d88a76c43c894f4300be233089f434b102cb7f92274e486935c037f3
9e146901d96cca92734ff7bc8f61228fde04d138049edbc7e2d839c4145e9f08
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a093a65cec169ac3081d970a7ec3c627be518f4eda6de57fa8fbbe4f8807414a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a219c50527d3e9887496b6f8d124877885a1ff1671276e4967f14d7dc8a1a9e3
a30cf27bf4f5e5a36691545e2adf296b8c7c8c8fca7d0d34fec9773b4cb1ac31
a38a16125a90c77dfb92f9dfb488da253fab6cbae8fe7aa5b531c1201fe3c331
a44c30559ce751be573fc18c844f40c12dfb4eee1e8da0c8d9b94d83a0b007cc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55e34bd141cc265771885303756fc66b053a5ade45ad102dadcd3fd45ce6fde
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a702024c3f0675fcff2cf8b1acbf114ded5429314644fb886fd4dd23e215666c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87500265116e879a999a811abeb3bb948de9b9a0b896d812380904382860ae7
a8aa9d38d8550a3499c50bcd6ce82a14abfa55b05ba4a480925f4eafb2eecaed
a9a952bc350de0b911631be4d8b641cb37bfc751057ab2d202c39a861b61dbb9
aba9b6d58d70b2d15aaf2bf91c83f1a7031aeecbef7eab992821660b6d3e5896
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e4b5f8411a34d61a21827a8d3c221821e3a938f87e6c49af63b5fef34976c3
b4e9d09f0ea6addb791df35f2735dbea6a1b512f6d06ff3feffb2cbe64ffb757
b62c7df0058672cf2914d0c98112246dde9fb28be030ece60029c5a812737879
b65dc83295ab665948b55e2cb22660de9e996664bb3b48db5204d2c7d601bbea
b663419733f90e316eda931466ed2777ac88965474ff4cb1cb8ce4e78f4aa87d
b66f7f78425f0541849b31d7662a67254caaa1f222a27964ecc463c159e88e25
b85817e55e3484f29fbbf766e24ab7f8661a1759a4c263d07f5281a59e25b4d5
b91657c43e808e2d0a86208e72bd2d843600dbf531f6ff13b57fec3aed3ce7db
b9517520826c7286a1298e06934eafe8dc3cf7aaa60d0568f3a4f2d35aca1bf3
ba4979c352384ce17af97af31451d3d181c46c99de4483a400227d40e909a3ad
ba8a62a84d18118eb3f61fe0dbfd5036d86687db5588ac51cb8e3979603edcda
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bd95025b1f073f6308403d3448945d8eb6a3dcbb5b55cc2ba32d672c68ae5bcc
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf798a212188f2eddc65b84febe82d5110b4c92e33dc971b0b54012754db8d3c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1fbc1b275734ec725948b439841d3e97ff0b113001fe0d01b35f27f992353de
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8b60dd696e8d918005d937cb9939e3c4aad22f657cd892862c30bc0c4556b43
c9256628255551fc4ddf7449432fbcf4517a7cf4acf247a2943d5e470666cad0
cbb19ddbb5f481ffb3ee1ef4040086c5e035d3e0e0c64d9c8b83eceacd494b5e
ccfd5f4c0952bc9316d963ec49abf5cdad1c9b19b50c0abd07b92d37b4c9b20f
cf112a629025eca8ff03268bcefd7d23ea07e5bce2e9e36826fed2d45ac84711
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d043ad1f4fd5c41b1297c084d3545d4ee1ce5c2a2a6d87de9f4ee6b089638e1a
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451
d6cabec833766936eafd3203772effdd969e5f6cad77eeba85b09b8eda13c6cb
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
da1b8452c623474960c1502afc0f0db5db0a948964de781460463e4cf47bfa90
da2f38e14f96723181891367589cadbbfda2f85af0b060d66176ecc7564ad260
da83ded1dc3c3e84f1ad194a00fa277c7a27ec5737a96c5de8a656d55283dd3a
dccb5e8ac060d99a5d1bafa0e0a9f50023c551377a45c9981d3bc2bc6248e6c6
dd44d96fd59e0bcf8cbc93cd2b9df29a408d2715ac7c341b97ae6751db91c4c5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6d6135fd8117825be5d34c1c8e96e6aeb4e49dcab238aa98254f39857ad8be
dfc752f7c8eb3ebc90d53b7b40dbccf5984da0077440533e0ded2dd847ed83fa
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c77aefa17e1f4b88e8c5a32de50ad27a8df57b6f7f4c90e55de667f202529f
e5f4d007fdf8bec0722bd003ab26a2f573bf8e32f3eee6104bee389d9768aa90
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
e920a3feb3518d564200e0cfc10f1f860bc2e0c9408cfaabfc85624da652cf80
ea701a563f82c40bbdb90e4450c82dabd3089cb2e280ac1a8881046ce4fd36c1
eb112c8ea831ff58508ee7e74a8c917d524ea681a844a9ca4fe3a2c066ac74ae
eb78c09d20d10c382e33b618653153c20db0242f925f64497e7d490cde05b7f3
ecda9bc7461947ae9c9a0a52eb4d2839d543283c48993a52631dba9eb4141fb6
ed892e1a27992f4456d1ed692792738e3c2f3f2674e44459df87d29a961ab593
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
f1e493eca7f112d09fad9bed888b428bba045e1d2c6e68a72966a58622f6fc23
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f29d759798be5fc44d2e05692d5b07dacf0c401deec2c8a9f360930a7280ddd9
f365ad2fada85f47742dc4eb433b4157c8bfa66aa31d3e8eb805fd2890375cff
f3e7fabaaa3d13c7eceee2291f67cc3855e589b4705955d72782270fd79010b3
f4a4e3fb026d44c8a39e4f33f441a8046cc5ab822e86558889274f4cbbe61178
f612b02cab3a4e44ec79f9db952aced3935f378b533ce512698228bec6ee6414
f61fc63274277bd4f8ddc13096e6b712dfda6c8b47aa19aa40ad3482fa19aa70
f9faff1edb5b3b7a84a8be733d977d5cf3470bc964e6351b8cdcb34b8d4add37
fcf5955999aa707293828168c27771dc76be3cc65d2222100ad5aeaddb803f89
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.abbynews.com Open in urlscan Pro 52.222.214.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

300 Requests

85 %HTTPS

28 %IPv6

53 Domains

79 Subdomains

67 IPs

8 Countries

5555 kBTransfer

12333 kBSize

39 Cookies

32 Outgoing links

Page URL History

Redirected requests

300 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.abbynews.com Open in urlscan Pro
52.222.214.75 Public Scan

Screenshot
Live screenshot

Full Image

300
Requests

85 %
HTTPS

28 %
IPv6

53
Domains

79
Subdomains

67
IPs

8
Countries

5555 kB
Transfer

12333 kB
Size

39
Cookies

300 HTTP transactions
20 data transactions