www.theyucatantimes.com Open in urlscan Pro
67.205.21.142  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.theyucatantimes.com/ HTTP 307
   https://www.theyucatantimes.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://www.tiktok.com/embed.js HTTP 302
• https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

Request Chain 157

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1

Request Chain 158

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGW.65GJYYH4ezvYjpel1QAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1&google_hm=2

Request Chain 159

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEJ8BVuv8TACPshGNG5haHsU&google_cver=1

Request Chain 160

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNTk0OTkxMTI2Njg3NTAzMw%3D%3D

Request Chain 176

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED1e-dKVvE8nVWQoYG9hu7Q&google_cver=1&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk7PdtmpwKYz2zCA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk7PdtmpwKYz2zCA

Request Chain 178

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDgVm81ybSobUamEs2kAc2w&google_cver=1&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlWt9DhdNn7nFw5fq-g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDM5ODI5NzI2NTk5Mzg2Nw%3D%3D&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlWt9DhdNn7nFw5fq-g

Request Chain 180

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjAnZLKnHM7Mlc1t9tRq1M&google_cver=1&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrHVbyc5VzzT6UUJdEsoaGA0sq-yMw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhTUTMwVEEtMVctRTZaWQ==&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrHVbyc5VzzT6UUJdEsoaGA0sq-yMw

Request Chain 181

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-VzBlH37qugq5fkI0bsZw&google_cver=1&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-VzBlH37qugq5fkI0bsZw&google_cver=1&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw&google_hm=GqiItGZHN_wPBtFcR9qDGEUe

Request Chain 193

• https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1724616865008460&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.theyucatantimes.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jDxAKQpW80dyA003uy97Gb&adContainerId=brand_safety_675lZK7fJ4_mx_AP1a-LqAY&cbFunctionName=goog_wrapCb_675lZK7fJ4_mx_AP1a-LqAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.theyucatantimes.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.theyucatantimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:c5403296-ca31-277c-9077-e5ab1f9cb40c,c:cWwGJF,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-b7pkj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tEAn9IE+11%7C121%7C122%7C123*.990511-61634099%7C1231%7C1232%7C12331%7C1234%7C131%7C132,idMap:123*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:28,oid:40658dfd-f541-11ed-8e8c-a66fb77ab1fb,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js

Request Chain 243

• https://um.simpli.fi/gp_match?google_gid=CAESEEXyI4DJAmzwYOUcfiItNc0&google_cver=1&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-uQqN9gpeZVzxopqNqQv6OAGgj-wlVGA8zrFYplCm81gHcNQwZ_os15MJA-A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744E178FA9464C8A97B5F475B9785B7F&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-uQqN9gpeZVzxopqNqQv6OAGgj-wlVGA8zrFYplCm81gHcNQwZ_os15MJA-A

Request Chain 244

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAtlGUp8gR3Ae2BZBJ9FGSA&google_cver=1&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBzsdPwLZxHNF6A HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAtlGUp8gR3Ae2BZBJ9FGSA&google_cver=1&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBzsdPwLZxHNF6A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBzsdPwLZxHNF6A&google_hm=SWo8E9fgQYOYjJx6ZEH9fQ==

Request Chain 245

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBBuVN8Su5p4xXviU-E3t_8&google_cver=1&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe_Yro85Kh5BrFZ5NDd9PZmdET3WFICZoOxSMPPeCC2-_cgzCUjLQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe_Yro85Kh5BrFZ5NDd9PZmdET3WFICZoOxSMPPeCC2-_cgzCUjLQ&google_hm=eS11RV81UTVSRTJwSE1kTFBzWGxxLlhmZUJiVTRXXzAxc35B

Request Chain 247

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENhKowvjZea4IaCiVFgwGFo&google_cver=1&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6pfpKZXemYNvHjJGlUmwlWFOaBG2e3DstbK7xoUZnTYNbvaAqEiYo3oqtpKplF4xFTQ HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENhKowvjZea4IaCiVFgwGFo&google_cver=1&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6pfpKZXemYNvHjJGlUmwlWFOaBG2e3DstbK7xoUZnTYNbvaAqEiYo3oqtpKplF4xFTQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3ODg2ODQ5OTQzNzMwODMxNg&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6pfpKZXemYNvHjJGlUmwlWFOaBG2e3DstbK7xoUZnTYNbvaAqEiYo3oqtpKplF4xFTQ

Request Chain 254

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFy5eRDw0IXR0vcbsDs0eXY&google_cver=1

Request Chain 255

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhTUTMwVEEtMVctRTZaWQ== HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjAnZLKnHM7Mlc1t9tRq1M&google_cver=1

Request Chain 256

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjUwNDViZGIwZDk4ZjNlZGEyYzY5NTVmMzBkOThmYWIyZjU4MmFmNA

Request Chain 257

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHSQ30TA-1W-E6ZY

Request Chain 258

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/QnMH8dBF_bKI7djdBL13Ssn5EUdSAgOZEtemQ7w0kco?csrc=

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
21 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.theyucatantimes.com/ Redirect Chain http://www.theyucatantimes.com/ https://www.theyucatantimes.com/	81 KB 15 KB	408ms 147ms	Document text/html	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 81b3e1735acf89c70124d9b1acc5515a24827df22856caf70878813031d4676a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=2640, public max-age=600 content-encoding gzip content-length 15255 content-type text/html; charset=UTF-8 date Thu, 18 May 2023 06:00:07 GMT etag "792cedf54e15aa6fb6c3679eadcf2db1" expires Thu, 18 May 2023 06:10:07 GMT last-modified Thu, 18 May 2023 05:44:07 GMT link <https://www.theyucatantimes.com/wp-json/>; rel="https://api.w.org/", <https://www.theyucatantimes.com/wp-json/wp/v2/pages/75828>; rel="alternate"; type="application/json", <https://www.theyucatantimes.com/>; rel=shortlink pragma public referrer-policy no-referrer-when-downgrade server Apache vary Accept-Encoding,User-Agent Redirect headers Cross-Origin-Resource-Policy Cross-Origin Location https://www.theyucatantimes.com/ Non-Authoritative-Reason HSTS
GET H2	200	lazyload.min.js Show response www.theyucatantimes.com/wp-content/plugins/w3-total-cache/pub/js/	6 KB 2 KB	128ms 121ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 04 Apr 2023 21:11:59 GMT server Apache etag "1883-5f88920472e8d-gzip" vary Accept-Encoding,User-Agent content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 2362 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	116 KB 46 KB	160ms 53ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-46004065-1 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 16953712a9510e2d943cfd9172750ba372669d92cdd69c188f54b88f5f4deb99 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 46291 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 18 May 2023 06:00:08 GMT
GET H2	200	eb7db.css www.theyucatantimes.com/wp-content/cache/minify/	96 KB 13 KB	131ms 124ms	Stylesheet text/css	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/eb7db.css Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash ab9e992c4e7e7edb75841aa8b7c22362950b1cb0c4e2e4da67a72dfc28f817df Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:49 GMT server Apache etag "318e-5fbd72a4d72fd" vary Accept-Encoding content-type text/css cache-control max-age=31536000, public accept-ranges bytes content-length 12686 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	f1c66.css www.theyucatantimes.com/wp-content/cache/minify/	67 KB 10 KB	218ms 211ms	Stylesheet text/css	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/f1c66.css Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 2cb93051bdf6be85140c7c2c38c35683dd15d354424228853709dcd0a0cc6214 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:51 GMT server Apache etag "276c-5fbd72a607e2e" vary Accept-Encoding content-type text/css cache-control max-age=31536000, public accept-ranges bytes content-length 10092 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	daacc.css www.theyucatantimes.com/wp-content/cache/minify/	109 KB 21 KB	249ms 244ms	Stylesheet text/css	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/daacc.css Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 60201835247b021944906a250f777064ba1795a5c6a5ee0a2095c5baa074daa8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:51 GMT server Apache etag "52f8-5fbd72a6c846e" vary Accept-Encoding content-type text/css cache-control max-age=31536000, public accept-ranges bytes content-length 21240 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	154ms 49ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Libre+Franklin%3A400%2C500%2C700%7CSource+Serif+Pro%3A400%2C600%2C700 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 352d704b09ac4c3a636c6a886b8a88347d37e395ceaffb4565a1b6960243b591 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 18 May 2023 06:00:08 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 18 May 2023 06:00:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 18 May 2023 06:00:08 GMT
GET H2	200	022e6.css www.theyucatantimes.com/wp-content/cache/minify/	116 KB 20 KB	248ms 244ms	Stylesheet text/css	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/022e6.css Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 0c79bffdf8e425d74bcba4ba3dc25d3566821658eb948f86b68ca809d8569c74 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:50 GMT server Apache etag "4e91-5fbd72a560e33" vary Accept-Encoding content-type text/css cache-control max-age=31536000, public accept-ranges bytes content-length 20113 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	c4d91.js Show response www.theyucatantimes.com/wp-content/cache/minify/	12 KB 3 KB	216ms 212ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/c4d91.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:50 GMT server Apache etag "cab-5fbd72a575657" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 3243 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	7cb8a.js Show response www.theyucatantimes.com/wp-content/cache/minify/	104 KB 35 KB	215ms 212ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/7cb8a.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash cf33a3b0dc7b3c07f8c2ad5222b5e6bef7a2e95a4b5e237f2991d02a5183a8b9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:07 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:51 GMT server Apache etag "8c31-5fbd72a66c79f" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 35889 expires Fri, 17 May 2024 06:00:07 GMT
GET H2	200	relapads.lite.js Show response cdn.relappro.com/adservices/v4/	120 KB 25 KB	218ms 48ms	Script application/javascript	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.relappro.com/adservices/v4/relapads.lite.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56974befa995b7efb0f61cfba222e7c1f4fc15bdd39341a258996eefc6d0cf13 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers expires Wed, 24 May 2023 18:47:54 GMT date Thu, 18 May 2023 06:00:08 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 40334 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Wed, 23 Nov 2022 21:53:58 GMT server cloudflare etag W/"637e9676-1e0a2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAdTyp79zssITX3xg8xZela%2BlLK9eHoUjXARApwZEJNbe%2FS69IftSO1SGx%2Fmp6XsE%2BdH0Oyf40me1xC0Bdkwd9LJVTHGze2Rdaqy2VnGB82cKNT9QokazpI3DlnV%2Fe32ZurmFA1g6LjQxnYkFW%2Fp"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=604800, must-revalidate, proxy-revalidate cf-ray 7c91e0ccb8e72bea-FRA default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
GET H2	200	wp-emoji-release.min.js Show response www.theyucatantimes.com/wp-includes/js/	18 KB 5 KB	125ms 124ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-includes/js/wp-emoji-release.min.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 04 Apr 2023 21:11:09 GMT server Apache etag "4904-5f8891d49195c-gzip" vary Accept-Encoding,User-Agent content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 5116 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	embed_v1.0.11.js Show response lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ Redirect Chain https://www.tiktok.com/embed.js https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js	46 KB 15 KB	196ms 43ms	Script application/javascript	23.10.249.145 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Server 23.10.249.145 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-10-249-145.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 6d58398 date Thu, 18 May 2023 06:00:08 GMT content-encoding br x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 a2mC7RA9gA0jSaiCieTPqA== x-cache TCP_MEM_HIT from a23-10-249-141.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_HIT cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=5 content-length 14603 x-tos-request-id 982181631161860263631161-af54d1e x-tos-response-time Thu, 03 Nov 2022 00:54:58 GMT last-modified Thu, 03 Nov 2022 00:46:48 GMT server nginx etag CPXr0NbkkPsCEAE= access-control-max-age 86400 access-control-allow-methods GET,POST content-type application/javascript access-control-allow-origin * cache-control max-age=1973241 access-control-allow-credentials false x-tt-trace-host 01b6cf6988c0736264268e08acf78ae67630ccbc3e1611616a439f5e24f93e1dfbef33a2aef23d427be05c4abd3342f62d758b7c3a027cffb1fb9df939f08dacd8f241979f08460fa0aad9d9378443df590a80c884ed7ced14c7b136027a142f12e912ecd2a65b9ca70d4eaed1c8da5955 accept-ranges bytes timing-allow-origin * access-control-allow-headers * Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:08 GMT x-akamai-request-id 70bee74 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 20230518060007411C9609A7310107B4FC x-cache TCP_MISS from a23-36-161-12.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) content-type text/html location https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js cache-control max-age=0, no-cache, no-store x-origin-response-time 86,23.36.161.12 x-tt-trace-host 017d0578f327b57d1558311a3c4228a516b55b6eff25f7fe442edfd624250919dfb071727b6878edf2437ce75b418e766a22b8b600216ae8f3e34a8c368c474ffd server-timing cdn-cache; desc=MISS, edge; dur=0, origin; dur=86 content-length 138 expires Thu, 18 May 2023 06:00:08 GMT
GET H2	200	a7321.js Show response www.theyucatantimes.com/wp-content/cache/minify/	90 KB 24 KB	259ms 259ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/a7321.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 70f836c0c74c02d5e9f0ab8160cbe703790f95f23f0965428c8c518a2bddefda Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:33:51 GMT server Apache etag "5ec7-5fbd72a6233b3" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 24263 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	e-202320.js Show response stats.wp.com/	9 KB 3 KB	201ms 39ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202320.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-nc HIT hhn date Thu, 18 May 2023 06:00:08 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Tue, 07 May 2024 13:50:35 GMT
GET H2	200	1615d.js Show response www.theyucatantimes.com/wp-content/cache/minify/	6 KB 2 KB	124ms 123ms	Script application/x-javascript	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/cache/minify/1615d.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Tue, 16 May 2023 22:35:06 GMT server Apache etag "934-5fbd72ee575cf" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31536000, public accept-ranges bytes content-length 2356 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	202ms 40ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-46004065-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 18 May 2023 05:05:00 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 3308 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Thu, 18 May 2023 07:05:00 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 947d0f493c8a56105c9c1d3a24d3133766fb72bd813c60bee4120e69b65b32b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 755cc375ed0731912eab8fb85180b8f139fc0d871361055253cdfae2f6a98d21 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 fonts.gstatic.com/s/librefranklin/v13/	27 KB 27 KB	231ms 77ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A400%2C500%2C700%7CSource+Serif+Pro%3A400%2C600%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.theyucatantimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 13 May 2023 15:25:05 GMT x-content-type-options nosniff age 398103 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27268 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:56:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 May 2024 15:25:05 GMT
GET H2	200	fontawesome-webfont.woff2 www.theyucatantimes.com/wp-content/themes/newspapertimes-2017/fonts/	75 KB 76 KB	126ms 126ms	Font application/font-woff2	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Full URL https://www.theyucatantimes.com/wp-content/themes/newspapertimes-2017/fonts/fontawesome-webfont.woff2 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/wp-content/cache/minify/daacc.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://www.theyucatantimes.com/wp-content/cache/minify/daacc.css Origin https://www.theyucatantimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade last-modified Mon, 03 Feb 2020 20:09:20 GMT server Apache etag "12d68-59db17fa7e5c6-gzip" vary Accept-Encoding,User-Agent content-type application/font-woff2 cache-control max-age=31536000, public accept-ranges bytes expires Fri, 17 May 2024 06:00:08 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 79f31718bd32811f091da6a4c49dc65cee2b6c8d1649eb76926bf956a3a52fb6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 03c26bb53d8b33e0438c1ea847fc3d58ae1e021522d25e6180c0694fdd96d6c1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1555626fd0b847f6453bcf96e9674aad49425cbed925906c6e624e5f80ad468 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 03fee2cc4108fe888fb6d757d7c4d7a4174865be2d02a9b236937a7528818594 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d94444a72693bed5843270e84b04c626b5480bc8789a53b1bef85a3478b8f1a2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9dae3ad59d6caf5df88a503f4146b03923c82f2572b62d9aa33a817466697bbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b7102058cf6ebd19eea98465334558b9cb0cb7111fb8e0f877d29e440f4abef Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e48a8d34c36d6935273c1f1eb95dbe0d42ce4e6880c19de01a90c58b266e8a19 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a8f0801e5de3974ef2e37d2eb321cf050e7d2560fe5d1b1f3bc34fcdb807e89d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a7ca207d6cc6fee0d199d4b1e4bfca818a5fa9d9753d29c443da1e19e091205 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8cc8f07a90380c6fb882d2bd9e9d2e384a7c872df81b29f1557fc949b238cddc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2 fonts.gstatic.com/s/sourceserifpro/v15/	20 KB 21 KB	172ms 40ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourceserifpro/v15/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A400%2C500%2C700%7CSource+Serif+Pro%3A400%2C600%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6889a7789d4db6452dd58c9f2b0ae003221eae0cfe30e2402d0d941f7f371fe8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.theyucatantimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 13 May 2023 21:35:15 GMT x-content-type-options nosniff age 375893 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20864 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:27:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 May 2024 21:35:15 GMT
GET H2	200	neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 fonts.gstatic.com/s/sourceserifpro/v15/	20 KB 20 KB	229ms 98ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A400%2C500%2C700%7CSource+Serif+Pro%3A400%2C600%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 547a2c05a1b8744633148a704ddba5adac238c5cbaf05bbd25606827a372b019 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.theyucatantimes.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 13 May 2023 15:16:36 GMT x-content-type-options nosniff age 398612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19980 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:45:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 May 2024 15:16:36 GMT
GET H2	200	cropped-TheYucatanTimes-MarcaOficial-01-2.png www.theyucatantimes.com/wp-content/uploads/2023/01/	11 KB 11 KB	127ms 126ms	Image image/png	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/01/cropped-TheYucatanTimes-MarcaOficial-01-2.png Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash de35336e9890320fb0daa0681be101f7e13e5f8da6a61bd9f3ea713b9faa11fe Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Thu, 09 Mar 2023 01:38:04 GMT server Apache etag "2cf9-5f66db22de991" vary User-Agent,Accept-Encoding content-type image/png cache-control max-age=31536000, public accept-ranges bytes content-length 11513 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	Banner-Yucatan-Properties-1.jpg www.theyucatantimes.com/wp-content/uploads/2023/02/	51 KB 52 KB	129ms 128ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/02/Banner-Yucatan-Properties-1.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 4ac173ff05aed15928190ab2c5cdba3213a761277dc58baf828ab837bdc28909 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Tue, 07 Feb 2023 20:00:44 GMT server Apache etag "ccb9-5f4219a5b02de" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 52409 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	manglar_chelemera_keila_vaxzquez.jpeg_852863802.jpeg-499x280.webp www.theyucatantimes.com/wp-content/uploads/2023/05/	18 KB 18 KB	130ms 128ms	Image image/webp	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/05/manglar_chelemera_keila_vaxzquez.jpeg_852863802.jpeg-499x280.webp Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 89f1ed65dd5579f086a595e7db1171eb397cadc6c216cb25188639d94c329148 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 17 May 2023 15:22:56 GMT server Apache etag "463a-5fbe54326fbe2" vary User-Agent content-type image/webp cache-control max-age=31536000, public accept-ranges bytes content-length 17978 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	holiday_inn_merida_banner_1_600x90px-728x90.jpg www.theyucatantimes.com/wp-content/uploads/2022/11/	59 KB 59 KB	130ms 128ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2022/11/holiday_inn_merida_banner_1_600x90px-728x90.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 2deaa4edc23c3cddc4dac260b5f7605ee457ff8a96bc5c47776d32ba3f35b6e1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Fri, 11 Nov 2022 17:27:07 GMT server Apache etag "eb6a-5ed3532f7374b" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 60266 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	pexels-photo-12377482-490x229.jpeg www.theyucatantimes.com/wp-content/uploads/2022/10/	15 KB 15 KB	142ms 141ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2022/10/pexels-photo-12377482-490x229.jpeg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 0f18e2fa4d0f2d699d6cb2a033de5e411b0024789ec520efcf5fcdeacac50557 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Sat, 14 Jan 2023 05:34:29 GMT server Apache etag "3b3d-5f232b43b4ccf" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 15165 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	nuevos_museos_yucatan_portada_1.jpg_458425832.jpg-172x100.webp www.theyucatantimes.com/wp-content/uploads/2023/05/	5 KB 5 KB	128ms 127ms	Image image/webp	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/05/nuevos_museos_yucatan_portada_1.jpg_458425832.jpg-172x100.webp Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 914544e709af5d375a74a1fea7d21f4d16f2344a1da31620017012b8f28b1be9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 17 May 2023 15:58:33 GMT server Apache etag "1430-5fbe5c288320c" vary User-Agent content-type image/webp cache-control max-age=31536000, public accept-ranges bytes content-length 5168 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	f800x450-290145_341591_5050-172x100.jpg www.theyucatantimes.com/wp-content/uploads/2023/05/	3 KB 3 KB	128ms 127ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/05/f800x450-290145_341591_5050-172x100.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash ed7e102b314290ed894664b7926b8f13c9c6d854397a8c8af59e194bfba639f3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 17 May 2023 15:43:31 GMT server Apache etag "b57-5fbe58cccf281" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 2903 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	flood-italy-172x100.jpg www.theyucatantimes.com/wp-content/uploads/2023/05/	4 KB 4 KB	142ms 142ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/05/flood-italy-172x100.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 47eb77e162a2fbd1bd4c64ea2b47e81b6d96f9535b85febbb61b601f6fdce165 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 17 May 2023 18:19:12 GMT server Apache etag "1187-5fbe7b989dbeb" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 4487 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	skyscraper.jpg www.theyucatantimes.com/wp-content/uploads/2023/01/	61 KB 61 KB	143ms 142ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/01/skyscraper.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash e46fa5cb496f3f7003aabe064c2ca263a0f97d1e6a129f292eec1ce0a5ebb6c6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 18 Jan 2023 17:12:10 GMT server Apache etag "f302-5f28ceaab9a90" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 62210 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	54ms 40ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=42484385&post=75828&tz=-5&srv=www.theyucatantimes.com&j=1%3A12.0&host=www.theyucatantimes.com&ref=&fcp=826&rand=0.7882446170268853 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-origin * date Thu, 18 May 2023 06:00:08 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	1f1f2-1f1fd.svg s.w.org/images/core/emoji/14.0.0/svg/	9 KB 10 KB	221ms 38ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/14.0.0/svg/1f1f2-1f1fd.svg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash 1f969e7c85f68cca244b373f6c4e20f1b88e24b0a458d331505aa97599002225 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-nc HIT hhn 2 date Thu, 18 May 2023 06:00:08 GMT x-content-type-options nosniff last-modified Tue, 12 Apr 2022 03:53:43 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=315360000 accept-ranges bytes content-length 9660 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 211 B	47ms 46ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1021976814&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theyucatantimes.com%2F&ul=en-us&de=UTF-8&dt=The%20Yucatan%20Times%20%E2%80%93%20Yucatan%20News%2C%20Politics%2C%20Economics%20and%20more%E2%80%A6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=204050250&gjid=1575573466&cid=1446387792.1684389609&tid=UA-46004065-1&_gid=500525157.1684389609&_r=1&gtm=457e35a0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=510320695 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 18 May 2023 06:00:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.theyucatantimes.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	horizontal-superior-Smart-2022.jpg www.theyucatantimes.com/wp-content/uploads/2023/01/	23 KB 23 KB	149ms 147ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/01/horizontal-superior-Smart-2022.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash d72be151f047e9280c5cf0bee9df9644be798ffcefb5ef5f0e72f718ff9dc1b3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 18 Jan 2023 17:16:50 GMT server Apache etag "5c2e-5f28cfb6acebd" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 23598 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	Banner-Horizontal-Superior-San-Miguel-Times.jpg www.theyucatantimes.com/wp-content/uploads/2016/06/	45 KB 45 KB	151ms 148ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2016/06/Banner-Horizontal-Superior-San-Miguel-Times.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash bd4f2b7a088634b40f59546f1d0caca494aa07658ce6af044bb723b13129f7dc Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Tue, 04 Feb 2020 02:06:27 GMT server Apache etag "b34f-59db67cd6b8b5" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 45903 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	vila-y-carlos-premio-estatal-deporte-396x377.webp www.theyucatantimes.com/wp-content/uploads/2021/12/	20 KB 20 KB	149ms 147ms	Image image/webp	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2021/12/vila-y-carlos-premio-estatal-deporte-396x377.webp Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 2129a702fad3f3cab6b224fade2abc86bca39783e38030d683594ba6ae2c2652 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 15 Dec 2021 14:34:30 GMT server Apache etag "4eb0-5d330342d6ddf" vary User-Agent content-type image/webp cache-control max-age=31536000, public accept-ranges bytes content-length 20144 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	Banner-medio-HP-Smart-2022.jpg www.theyucatantimes.com/wp-content/uploads/2023/01/	33 KB 34 KB	150ms 148ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/01/Banner-medio-HP-Smart-2022.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 5e08000695dee332256d8e1e16003903051eb696e21609e689e1fd1924ace051 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Wed, 18 Jan 2023 17:14:55 GMT server Apache etag "84e2-5f28cf484da57" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 34018 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	300X700-300x500.jpg www.theyucatantimes.com/wp-content/uploads/2023/04/	116 KB 117 KB	164ms 162ms	Image image/jpeg	67.205.21.142 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.theyucatantimes.com/wp-content/uploads/2023/04/300X700-300x500.jpg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.21.142 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS tracenumber.com Software Apache / Resource Hash 1b1d228071e982eded4efe0ba1ec986c105261c643fa11df5181806662e72c4a Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma public date Thu, 18 May 2023 06:00:08 GMT referrer-policy no-referrer-when-downgrade last-modified Mon, 24 Apr 2023 17:03:02 GMT server Apache etag "1cf2b-5fa17fad3d51d" vary User-Agent content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes content-length 118571 expires Fri, 17 May 2024 06:00:08 GMT
GET H2	200	relapads.lite.css cdn.relappro.com/adservices/v4/	1 KB 734 B	50ms 49ms	Stylesheet text/css	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.relappro.com/adservices/v4/relapads.lite.css Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd602c33422d661e3a7cddc264a9e0783192165ecc84650bd1b3960c0418c872 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers expires Wed, 24 May 2023 20:42:33 GMT date Thu, 18 May 2023 06:00:08 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 33455 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Thu, 07 Jul 2022 20:57:04 GMT server cloudflare etag W/"62c748a0-4b7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuKseiSTCOvEv0zoQMpBOQ3vT073CtRrtRmGZCHjuLCfdeYTMl%2Fk%2B9kzclvbZmL6bMZ4TqM4%2BhPryh1GlGi8qAuXBSoxX1OWpyN6JzpxcKsPU5d%2BQeEdBchJ4svJlPzZJ6vZV0GjJUxtuS0IFgqi"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800, must-revalidate, proxy-revalidate cf-ray 7c91e0cd89b62bea-FRA default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
GET H2	200	13172d7e-afb2-4cdc-a131-2284eb85c901.json Show response tags.relappro.com/v4/	2 KB 1 KB	171ms 171ms	XHR application/json	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.relappro.com/v4/13172d7e-afb2-4cdc-a131-2284eb85c901.json?cb=1684787 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 899f40cb3b2ff15356ffb9e6acb3fc9f8047785e7ee2a833004b9ff7d31a9bb5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-type application/json Response headers date Thu, 18 May 2023 06:00:09 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Jun 2022 16:25:44 GMT server cloudflare etag W/"62b49408-831" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Eq6R88p4wUfhlXL%2BAFZY3tRT1h7sCCIb8n22jTWb1p8GTEyVO8mY9Jw7%2BpXGMwbp5xtdmfuQ4bV7Hh0iH0NIZfKe0z%2Bl3VrpQH2%2B%2BzqWMh3EncvGClovBZzHqYy%2Bz8MnpK%2F3R0U3a4BNAf8mLF4LQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 7c91e0d0de7d9153-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
GET H2	200	a251fa8b-c3b3-428f-afbf-d637fa455304.json Show response tags.relappro.com/v4/	2 KB 847 B	166ms 165ms	XHR application/json	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.relappro.com/v4/a251fa8b-c3b3-428f-afbf-d637fa455304.json?cb=5312338 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7473d4200181ca247ef32b1720f2ba5e2493d0a88f907b73411941578759b3a0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-type application/json Response headers date Thu, 18 May 2023 06:00:09 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 20 Oct 2022 23:40:13 GMT server cloudflare etag W/"6351dc5d-706" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXsEEk846NlGDP3bEQO8m9WpUftEzYzevXR2PpFjqIjF%2BKlx%2BHRqectRcM5BEUSZ4JSmoW9P%2BtsZvfyTNXmW9Cs%2Bv3JE8wipChwqxbfURCK7fB2VwDVEVreao41hG6py3qep1H%2F9mYb1WeTy8gBBcw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 7c91e0d0de7c9153-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
OPTIONS H2	204	13172d7e-afb2-4cdc-a131-2284eb85c901.json tags.relappro.com/v4/ Frame	0 0	526ms 417ms	Preflight text/plain	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.relappro.com/v4/13172d7e-afb2-4cdc-a131-2284eb85c901.json?cb=1684787 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.theyucatantimes.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c91e0ce3c399153-FRA content-length 0 content-type text/plain charset=UTF-8 date Thu, 18 May 2023 06:00:09 GMT default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self'; nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BuWPBHAR1r8zcZ0PezRYlkit8XHireJ1UalH%2FcQRUAwVf9wXpT6eHgZrM6RPxHICy2PZDXTJj9akOaE0I%2FtIqdPdbFFkTxDPhFlbkKONG3U1gfu5d7%2FPJU5UrzKVZso%2B50WEkmeiYzIn471dYh%2F4Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff
OPTIONS H2	204	a251fa8b-c3b3-428f-afbf-d637fa455304.json tags.relappro.com/v4/ Frame	0 0	524ms 416ms	Preflight text/plain	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.relappro.com/v4/a251fa8b-c3b3-428f-afbf-d637fa455304.json?cb=5312338 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.theyucatantimes.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c91e0ce3c3a9153-FRA content-length 0 content-type text/plain charset=UTF-8 date Thu, 18 May 2023 06:00:09 GMT default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self'; nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnxpLQdTjoPBKb3%2B36vbBlnKmwrzSVrqRNlAIM5%2BDNXfl5JydroVlsweqDPLTogZ7UFv0n4Xf%2BeWK7TPcyQ%2Fl64toDlWVP4KasW3%2Fs1if4TPVTmVD0SaTaa%2B3MDERI92B2i%2FIZO17%2BhLTIEo1mZScQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff
GET H2	200	embed_lib_v1.0.11.css lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/	4 KB 2 KB	47ms 47ms	Stylesheet text/css	23.10.249.145 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.10.249.145 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-10-249-145.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 6d583af date Thu, 18 May 2023 06:00:08 GMT content-encoding br gzip-server KFC x-tt-trace-tag id=16;cdn-cache=hit;type=static content-md5 zJ2Nyh55L+w+3gi0qlc5pw== x-check-cacheable YES x-cache TCP_MEM_HIT from a23-10-249-141.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_HIT x-parent-response-time 227,104.104.54.159 cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=6 content-length 1200 x-tos-request-id b8720aa1df30ba2063a1df30-af5440e x-tos-response-time Tue, 20 Dec 2022 16:13:36 GMT last-modified Thu, 03 Nov 2022 00:46:48 GMT server nginx x-tt-logid 2022122022312613342F1D3967930D99AF etag CP6J0dbkkPsCEAE= access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=1835214 access-control-allow-credentials false x-tt-trace-host 01233c87bf3a6fd854e461f4032aea3f75aa4311288ab27fac6a85cb532039d515810ef62bc584d969dabeb7b9df518b714566701405600085df11ac51d64dbaa01e26686beabd9317c164cb4181780839ed7955d7d17aaa7f5da5486c543ef0c70e2effb4b853ee41f0c1b05a02b110f01e09c114c8f59f19aed73628779a8306 timing-allow-origin * access-control-allow-headers *
GET H2	200	embed_lib_v1.0.11.js Show response lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/	15 KB 6 KB	45ms 45ms	Script application/javascript	23.10.249.145 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.10.249.145 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-10-249-145.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 6d583b0 date Thu, 18 May 2023 06:00:08 GMT content-encoding br gzip-server KFC x-tt-trace-tag id=16;cdn-cache=hit;type=static content-md5 6f9KK8Y3c/2Yh2WZTLuA2Q== x-check-cacheable YES x-cache TCP_MEM_HIT from a23-10-249-141.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_HIT cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=5 content-length 5147 x-tos-request-id b1c8828371065e2863837106-af54d97 x-tos-response-time Sun, 27 Nov 2022 14:15:34 GMT last-modified Thu, 03 Nov 2022 00:46:48 GMT server nginx etag CNX5z9bkkPsCEAE= access-control-max-age 86400 access-control-allow-methods GET,POST content-type application/javascript access-control-allow-origin * cache-control max-age=1294942 access-control-allow-credentials false x-tt-trace-host 01242414d9ebe6456cea19c464f6e95c0373795ebbbe3e7e15f6ccade1a3edf6e61bd937fb2b06f1450dbbb5f09962ca8e3b82c7378b007852bdfcb2e3e71b0d37dad5ba5dc9b392649357ba27d3a5d9d862fe853b759ef1dd0801103b99ffd25beb1fe8124700659b0aa722059967baefa852054399fa1c3751e7fab680275497 timing-allow-origin * access-control-allow-headers *
GET H2	200	7208968665885150469 Show response www.tiktok.com/embed/v2/ Frame C204	107 KB 19 KB	279ms 278ms	Document text/html	23.36.163.12 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Requested by Host: lf16-tiktok-web.ttwstatic.com URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-12.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9969fcaeafc1bf1d1b0bf33b603958c00b0a8daa419a444db50a91b2deb9797a Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, no-cache, no-store content-encoding br content-type text/html; charset=utf-8 date Thu, 18 May 2023 06:00:09 GMT expires Thu, 18 May 2023 06:00:09 GMT pragma no-cache server nginx server-timing cdn-cache; desc=MISS, edge; dur=87, origin; dur=148 inner; dur=144 x-akamai-request-id 1e70f93c.70befe9 x-cache TCP_MISS from a23-36-161-12.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-cache-remote TCP_MISS from a23-222-12-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-origin-response-time 149,23.222.12.5 x-parent-response-time 234,23.36.161.12 x-tt-logid 20230518060007B0272AD3C66C6507D5E2 x-tt-trace-host 017d0578f327b57d1558311a3c4228a5161fed304853715f87688b32e5926c6115c787b0f1f8b46f9665882b100ef05be4f8c1e9b216080ecbd65b1d0957950fd880ab893f8aeb832931aca1e03a0378419e1984a9f28f1e81c747a4300310c704896b89cae37dcb7c7148532e0e22332f x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET DATA	200 OK	truncated /	394 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	webmssdk.js Show response sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame C204	619 KB 186 KB	466ms 40ms	Script application/javascript	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 92961c0 date Thu, 18 May 2023 06:00:09 GMT content-encoding br x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 z6lb4ggvjhvby2nY7JSVRA== x-cache TCP_MEM_HIT from a2-16-202-71.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_MISS x-parent-response-time 1,23.206.213.18 cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=210 content-length 188901 x-tos-request-id ea484068ccaa9a3e6368ccaa-abf3427 x-tos-response-time Mon, 07 Nov 2022 09:15:22 GMT last-modified Mon, 07 Nov 2022 03:53:53 GMT server nginx etag "CLn13/mVm/sCEAE=" vary Accept-Encoding access-control-max-age 86400 content-type application/javascript access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=1677710 access-control-allow-credentials false x-tt-trace-host 011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911 timing-allow-origin * access-control-allow-headers *
GET H2	200	tiktok-embed.module.aabd7e28f2a793b9c153.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame C204	2 MB 544 KB	512ms 86ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.aabd7e28f2a793b9c153.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 4cc6214d96e53a0eb87cb9f0a5ba04c36a5f1cc8a2611dcf5526735a40829d75 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf7b4d date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 VYvKUSfUjZmKvo/k/uIksA== x-cache TCP_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=12 storage-tier Standard content-length 554621 last-modified Wed, 19 Apr 2023 02:22:11 GMT opc-request-id iad-1:RGgKdtNuRa-1MZLHysPd4Qd0Z-DlKvAlYEXv71xzmOQNdNQaXie_Bx5CnrvI_LTT x-api-id native etag 1a085fda-e7ba-4b0c-8098-72de4ea86ee7 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id b58fb61c-91e4-464a-a02d-e26763fe965a access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:09 GMT
GET H2	200	vendors~home.module.6de5f4bc30694ff4acf1.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame C204	156 KB 42 KB	470ms 44ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/vendors~home.module.6de5f4bc30694ff4acf1.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 97fefb71294cb7ab4a1181a7cfc01028ed148bb4eab73ea0046a5928c5acd16f Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf7b4e date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 uOKSfjNGPq2q5rqlx8zDIA== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 42085 last-modified Tue, 28 Mar 2023 20:11:41 GMT opc-request-id iad-1:quqtFwsh31ujJdqxaclRJntVdyKPQOn-8B7siLltyPr9r56v-IKfX1v_Ac53B043 x-api-id native etag cc2275f1-60d5-49dd-a60c-4a29bc8c99cb vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id 9f3bf896-68de-429a-a18c-1c7b44433440 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true timing-allow-origin * expires Sat, 17 Jun 2023 06:00:09 GMT
GET H2	200	home.module.83eba106ec6281acab52.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame C204	118 KB 30 KB	478ms 52ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/home.module.83eba106ec6281acab52.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 9c3c2dafd826c041ccd68cbdc3429052c72d2b3bd8a86274c63cc5d9da6927e6 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf7b52 date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 VbBa5jidIhqASHko08XIwg== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 30205 last-modified Wed, 19 Apr 2023 02:22:11 GMT opc-request-id iad-1:zTCW0UfVKjDMjovv6FZAaEKOVD1yK_fPfBQpao8YKFoBa7QZ1Vzlw0O1njLn1Nhl x-api-id native etag 5a609dd2-35b0-4502-a2aa-4f2f90dc4f6c vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id 79b4108d-282f-4bc3-bc42-f8eef1d0a89f access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:09 GMT
GET H2	200	index.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/ Frame C204	15 KB 5 KB	52ms 52ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/index.js Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash dd9e1f3629cc4bb2d6a365f6fa5006d36f93cc5f1971795aa3bba963cfa7582a Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf7d01 date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 XdZDIJaOpU4vW66Sh0MPiw== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 4377 last-modified Mon, 08 May 2023 07:49:08 GMT opc-request-id iad-1:yKYiEvIqtyg3vWV1FrE-Wa3z6otZwf3DWj9-utoz37hhi0HSSmgmY__qlwzGlmr3 x-api-id native etag fd02880e-9eb3-492e-a5db-18b645388343 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id aa56da13-a5b1-444c-8266-bca07ba05c03 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:09 GMT
GET H2	200	browser.maliva.js Show response sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame C204	43 KB 16 KB	238ms 40ms	Script application/javascript	2.16.202.115 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.202.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-115.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4719cbe8e9cc0c66c6ed1520f2b0b321b8af5052d8346dede240559ebf45e4fb Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 166f66b8 date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 c52g9KXsQnGIOZPRHjgB1w== x-cache TCP_MEM_HIT from a2-16-202-111.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_HIT server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=2 content-length 15260 x-tos-request-id 28f296658a140bb564658a14-a364814 x-tos-response-time Thu, 18 May 2023 02:14:44 GMT last-modified Thu, 18 May 2023 02:13:26 GMT server nginx x-tt-logid 20230518021458E719B96FB07A5E536E57 etag W/"CKT4n8zl/f4CEAE=" vary Accept-Encoding access-control-max-age 86400 content-type application/javascript access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=300 access-control-allow-credentials false x-tt-trace-host 01d59dfa44c227f51785ed5c985c4fef420fc1b41b577ed5a0ad4c57d85b45aa8ba12204d300f326ade924ba68d40b59ad7bf0fad2b606d157fd80e2f0d71541b4edbc3d9ab32281cde018013ade2d5215596df90c5cf196668257a775457c3b8d86e09c6cd1b63c35115edc8f145dd5966ba902b0766ec201b19f9dcaef3a8192 timing-allow-origin * access-control-allow-headers * expires Thu, 18 May 2023 06:05:09 GMT
GET H2	200	okWz5nSIkoe2B4YbEQQWYJkZzgRlCAf5DQWBBy p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/ Frame C204	52 KB 54 KB	251ms 54ms	Image image/jpeg	173.222.108.233 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p16-sign-va.tiktokcdn.com/obj/tos-maliva-p-0068/okWz5nSIkoe2B4YbEQQWYJkZzgRlCAf5DQWBBy?x-expires=1684411200&x-signature=4PusFrC1NvbNmobeA%2FvA8gitR8Q%3D Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.222.108.233 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a173-222-108-233.deploy.static.akamaitechnologies.com Software nginx / ImageX Resource Hash fdd69f8a00fb020991d6ec5ac08fffff1188a33a7612c229e1c95ed1b4eb4805 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 1b2378fc.7a212d45.239b35a date Thu, 18 May 2023 06:00:09 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=static x-check-cacheable YES nw-session-id 202305091955081E26F1A022DC9D541008srf6c21ff x-powered-by ImageX x-cache TCP_MISS from a173-222-108-229.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_HIT x-parent-response-time 5,184.27.176.13, 2,95.101.180.44, 8,173.222.108.229 cross-origin-resource-policy cross-origin akamai-mon-iucid-del 971653 server-timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=0, inner; dur=2 x-length 53708 content-length 53708 last-modified Tue, 09 May 2023 19:55:10 GMT server nginx x-tt-logid 202305091955081E26F1A022DC9D541008 x-response-date Tue, 09 May 2023 19:55:10 GMT x-cache-remote TCP_MISS from a95-101-180-44.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-) content-type image/jpeg access-control-allow-origin * nw-session-trace 2023-05-09T19:55:10.06026292Z 87 cache-control max-age=30808595 x-tt-trace-host 01f9b3e8a0759165879b31b6b8c4fafac792c1c6a86c0ea48b1f75722a5e0b9e1d6d38aca3cca0d15bc2a6373a34c10dbf222b47f4ea3de12e174f560c3666fe3a29ca4a0d2815ad96b4a1837b14592b00cb0e9339607d4a469617cbf35f543dc45eebc8a65758be161baf9e4745180cb1 imagex-fmt jpeg2jpeg timing-allow-origin *
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 4323	76 KB 25 KB	344ms 67ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a70b26f4937906b179e2ae377aaf5d2cc9eb2074b9e2f7dfa14f31dd385a08f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25360 x-xss-protection 0 server cafe etag 484 / 19495 / 31074644 / config-hash: 8928202743476736096 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 18 May 2023 06:00:09 GMT
GET H3	200	prebid.js Show response cdn.relappro.com/resources/js/ Frame 4323	310 KB 93 KB	53ms 53ms	Script application/javascript	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.relappro.com/resources/js/prebid.js Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14618f8404e64e17a7ea1bf32f16b0f66160b6acc27a855f06721f3b2854d7e4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers expires Wed, 24 May 2023 18:27:54 GMT date Thu, 18 May 2023 06:00:09 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 41534 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Wed, 09 Mar 2022 19:31:23 GMT server cloudflare etag W/"6229008b-4d83a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgJuPMwb%2BfKJzAr8QSxpfLj0gZzcr%2BjkVII04G4aISaXkxrldKJRoJpdw8KMbr%2FxatdHLXBEa9jFWaI18lWv38wB1fS1gKX2Sfmkzpfi%2Ff2jDHDfVSxFBDLWBj%2Bft7%2B2d1354nDAsM7vZlDIJP5A"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=604800, must-revalidate, proxy-revalidate cf-ray 7c91e0d1ebb02c42-FRA default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 6EBB	76 KB 25 KB	376ms 107ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8edfae7550d28bf26992774b3f0aea4084943cd98cd46dda2fbed1f2cb5c154 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25365 x-xss-protection 0 server cafe etag 280 / 19495 / m202305110101 / config-hash: 8928202743476736096 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 18 May 2023 06:00:09 GMT
GET H3	200	prebid.js Show response cdn.relappro.com/resources/js/ Frame 6EBB	310 KB 93 KB	85ms 85ms	Script application/javascript	2606:4700:3034::6815:38a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.relappro.com/resources/js/prebid.js Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:38a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14618f8404e64e17a7ea1bf32f16b0f66160b6acc27a855f06721f3b2854d7e4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers expires Wed, 24 May 2023 18:27:54 GMT date Thu, 18 May 2023 06:00:09 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 41534 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Wed, 09 Mar 2022 19:31:23 GMT server cloudflare etag W/"6229008b-4d83a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD5w%2BYzxBGNdQuC%2FTcK6ZGJlaJ1BKT5KhY%2Fhs45jzCNmP123FZZ1X96jVgLpabJ2KTC0c18PFDQUg3ZcPDYXK4%2BOFpGwppqpz5zLOr1p0kG%2BEXK9qR3XJAI1ticDl1iWv7IHX68UoKHbVfww66BH"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=604800, must-revalidate, proxy-revalidate cf-ray 7c91e0d1fbb92c42-FRA default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame 4323	230 KB 57 KB	144ms 48ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:42:12 GMT content-encoding gzip via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront) last-modified Wed, 10 May 2023 21:23:07 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P3 age 1078 x-amz-server-side-encryption AES256 etag W/"e6af4658ab1a6fdde1f0066b27d5372e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id KHoGU-WDH3Q_C1xpZ9dnNg2BCc9aw1YJpoeZmt5lSuf3WlNaaobGxg==
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 4323	259 B 1 KB	306ms 224ms	XHR application/json	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash f28b993035d1634a0a3fc534a00f7493db0a7c95ba11c64b371ec2ab5f7b87cc Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:09 GMT AN-X-Request-Uuid 59e1a83d-f3b5-4f3c-9db8-dd09efe4101c Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.theyucatantimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 259 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 4323	9 KB 6 KB	367ms 254ms	XHR application/json	2602:803:c003:200::31 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24346&site_id=413916&zone_id=2327650&size_id=2&rf=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.ref=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.page=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.domain=theyucatantimes.com&tg_i.pbadslot=%2F260217354%2C22395387169%2Ftheyucatantimescom_theyucatantimes-com_728x90_prebid&tk_flint=pbjs_lite_v6.13.0&x_source.tid=83ac478a-e028-4fc3-8c8f-37f55bf0ab40&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3354655509546931 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 5906a53ba7aeee2c1f135009753c33b0bd06d7a507519251714f046b5791af2b Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.theyucatantimes.com p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 4323	457 B 797 B	279ms 166ms	XHR application/json	2602:803:c003:200::31 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24346&site_id=413916&zone_id=2327650&size_id=2&rf=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.ref=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.page=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.domain=theyucatantimes.com&tg_i.pbadslot=%2F260217354%2C22395387169%2Ftheyucatantimescom_theyucatantimes-com_728x90_prebid_01&tk_flint=pbjs_lite_v6.13.0&x_source.tid=461b00dc-ea56-4c60-b2fe-f0a188fecff1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.335525725454888 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 67edfe916226d151a374f2b432eea9e89c8c1749bcc8b7ebde97b320e355b8e2 Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 18 May 2023 06:00:09 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.theyucatantimes.com p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 457 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame 6EBB	230 KB 57 KB	180ms 96ms	Script application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:42:12 GMT content-encoding gzip via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront) last-modified Wed, 10 May 2023 21:23:07 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P3 age 1078 x-amz-server-side-encryption AES256 etag W/"e6af4658ab1a6fdde1f0066b27d5372e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id WTg28GbduGloCDCDyjOljCuAs7N0OaRJzBSJg__b4JsS3EDHlK15NA==
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 6EBB	9 KB 5 KB	295ms 189ms	XHR application/json	2602:803:c003:200::31 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24346&site_id=413916&zone_id=2327650&size_id=10&rf=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.ref=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.page=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.domain=theyucatantimes.com&tg_i.pbadslot=%2F260217354%2C22395387169%2Ftheyucatantimescom_theyucatantimes-com_300x600_prebid&tk_flint=pbjs_lite_v6.13.0&x_source.tid=b8e57632-bb8c-4675-b353-1d4d1c3c71e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9767020658237027 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 04751020566a79578c19ba15adbbb7e1f56cfa83413055257321d02e08406af6 Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.theyucatantimes.com p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/ Frame 6EBB	9 KB 5 KB	271ms 166ms	XHR application/json	2602:803:c003:200::31 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24346&site_id=413916&zone_id=2327650&size_id=10&rf=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.ref=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.page=https%3A%2F%2Fwww.theyucatantimes.com%2F&tg_i.domain=theyucatantimes.com&tg_i.pbadslot=%2F260217354%2C22395387169%2Ftheyucatantimescom_theyucatantimes-com_300x600_prebid_01&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2bef8724-97dc-4424-84ed-98672e47b602&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0665392190388816 Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash c6f78fd2a516aefdd5c65c023b185329413132f1f827749bc1271d2b3ef0ce8c Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.theyucatantimes.com p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 6EBB	260 B 1 KB	319ms 240ms	XHR application/json	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash c974f2028dc90c83d9a939eaccd4b028e176cb248cc2e03058e6a9e2feec50b3 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:09 GMT AN-X-Request-Uuid b384483b-7b29-44f4-86e5-b9e01dbd103c Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.theyucatantimes.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 260 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ Frame 4323	408 KB 126 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 19:43:21 GMT content-encoding br x-content-type-options nosniff age 37008 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128722 x-xss-protection 0 server cafe etag 7615930951174331818 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 16 May 2024 19:43:21 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/ Frame 4323	98 B 98 B	154ms 62ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4ad724ee0c5d2d0b5abd4b793572a9adb071f19cea4114fa0c0f36caab1a5d50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73 x-xss-protection 0 expires Thu, 18 May 2023 06:00:09 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ Frame 6EBB	406 KB 125 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:39:35 GMT content-encoding br x-content-type-options nosniff age 1234 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128048 x-xss-protection 0 server cafe etag 352811828592807000 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 17 May 2024 05:39:35 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/ Frame 6EBB	98 B 98 B	67ms 62ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4ad724ee0c5d2d0b5abd4b793572a9adb071f19cea4114fa0c0f36caab1a5d50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73 x-xss-protection 0 expires Thu, 18 May 2023 06:00:09 GMT
GET H/1.1	206 Partial Content	/ v16-web-newkey.tiktokcdn.com/5e3b58669f0739f312e494ca5fc51e2d/64661364/video/tos/useast2a/tos-useast2a-pve-0068/oYkmJmtmYBth2A8RhBKRwfQANCEtQDbAeSmnDI/ Frame C204	97 KB 0	229ms 50ms	Media video/mp4	2.16.238.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://v16-web-newkey.tiktokcdn.com/5e3b58669f0739f312e494ca5fc51e2d/64661364/video/tos/useast2a/tos-useast2a-pve-0068/oYkmJmtmYBth2A8RhBKRwfQANCEtQDbAeSmnDI/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=1984&bt=992&cs=0&ds=3&ft=ApKJEBeUq8Zmoktfac_vjKS.LAhLrus&mime_type=video_mp4&qs=0&rc=N2g7OTc6ZWhnNTw7aGRpN0BpM2VndTs6ZjlwajMzNzczM0BiNV8vLjNfNWExL19hYzYxYSM2Mi5gcjQwNjJgLS1kMTZzcw%3D%3D&l=20230518060007B0272AD3C66C6507D5E2&btag=e00080000 Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.238.134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-238-134.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Referer https://www.tiktok.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Range bytes=0- Response headers X-Akamai-Request-ID 1a468467.11b30385 Date Thu, 18 May 2023 06:00:09 GMT X-Expires-MS 1683918017303 x-tt-trace-tag id=16;cdn-cache=miss;type=static X-Cache TCP_MISS from a2-16-237-134.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) X-Bdcdn-Cache-Status TCP_HIT Content-Range bytes 0-3564356/3564357 X-Parent-Response-Time 106,104.84.230.111, 126,2.19.197.46, 8,2.16.237.134 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=10, origin; dur=0, inner; dur=4 Content-Length 3564357 X-Storagegw-Request-Id 202305121853008AD87CC1A90F2467CAD9 Last-Modified Fri, 10 Mar 2023 17:20:58 GMT Server nginx X-TT-LOGID 202305121900155648AD756C2CE372C817 X-Cache-Remote TCP_HIT from a2-16-237-162.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) ETag "COri2+Dv0f0CEAE=" Content-Type video/mp4 Access-Control-Allow-Origin * X-Storagegw-Response-Time Fri, 12 May 2023 18:53:01 GMT Cache-Control max-age=15080058 Access-Control-Allow-Credentials true X-Origin-Response-Time 29,23.43.56.151 x-tt-trace-host 01e14cd28abf00cef57d46c77fb0d056043abdc610ee5209461bc4c7a58561ac4b00666342ec6fef7fa104634b00c8c8035083169d954979eeb65a63047edff65206336f3baded4b713c39d84e725c4c488e9a9c152d367916fb22977d0fc2bfae5d690781d1ee8736af74dcc36b6324ae979bca08896ea45399ec49c489fc36deff3f143a355ea0906b37298db743f124 Accept-Ranges bytes
GET H/1.1	206 Partial Content	/ v16-web-newkey.tiktokcdn.com/5e3b58669f0739f312e494ca5fc51e2d/64661364/video/tos/useast2a/tos-useast2a-pve-0068/oYkmJmtmYBth2A8RhBKRwfQANCEtQDbAeSmnDI/ Frame C204	3 MB 3 MB	226ms 48ms	Media video/mp4	2.16.238.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://v16-web-newkey.tiktokcdn.com/5e3b58669f0739f312e494ca5fc51e2d/64661364/video/tos/useast2a/tos-useast2a-pve-0068/oYkmJmtmYBth2A8RhBKRwfQANCEtQDbAeSmnDI/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=1984&bt=992&cs=0&ds=3&ft=ApKJEBeUq8Zmoktfac_vjKS.LAhLrus&mime_type=video_mp4&qs=0&rc=N2g7OTc6ZWhnNTw7aGRpN0BpM2VndTs6ZjlwajMzNzczM0BiNV8vLjNfNWExL19hYzYxYSM2Mi5gcjQwNjJgLS1kMTZzcw%3D%3D&l=20230518060007B0272AD3C66C6507D5E2&btag=e00080000 Requested by Host: www.tiktok.com URL: https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.238.134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-238-134.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 49d139882eb241e20983056fd591595c2e1decaaa736d0cd2e9e7dc6436d25c5 Request headers Referer https://www.tiktok.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Range bytes=0- Response headers X-Akamai-Request-ID 1a456e64.11b30386 Date Thu, 18 May 2023 06:00:09 GMT X-Expires-MS 1683918017303 x-tt-trace-tag id=16;cdn-cache=miss;type=static X-Cache TCP_MISS from a2-16-237-134.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) X-Bdcdn-Cache-Status TCP_HIT Content-Range bytes 0-3564356/3564357 X-Parent-Response-Time 106,104.84.230.111, 126,2.19.197.46, 7,2.16.237.134 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=0, inner; dur=4 Content-Length 3564357 X-Storagegw-Request-Id 202305121853008AD87CC1A90F2467CAD9 Last-Modified Fri, 10 Mar 2023 17:20:58 GMT Server nginx X-TT-LOGID 202305121900155648AD756C2CE372C817 X-Cache-Remote TCP_HIT from a2-16-237-162.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) ETag "COri2+Dv0f0CEAE=" Content-Type video/mp4 Access-Control-Allow-Origin * X-Storagegw-Response-Time Fri, 12 May 2023 18:53:01 GMT Cache-Control max-age=15080037 Access-Control-Allow-Credentials true X-Origin-Response-Time 29,23.43.56.151 x-tt-trace-host 01e14cd28abf00cef57d46c77fb0d056043abdc610ee5209461bc4c7a58561ac4b00666342ec6fef7fa104634b00c8c8035083169d954979eeb65a63047edff65206336f3baded4b713c39d84e725c4c488e9a9c152d367916fb22977d0fc2bfae5d690781d1ee8736af74dcc36b6324ae979bca08896ea45399ec49c489fc36deff3f143a355ea0906b37298db743f124 Accept-Ranges bytes
GET H2	200	core.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/ Frame C204	62 KB 21 KB	52ms 52ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/core.js?globalName=__PNS_RUNTIME__ Requested by Host: sf16-website-login.neutral.ttwstatic.com URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/index.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 967c447afb76c6ed8e83dae823706dc35050266d5fcab98e8ff1bde5a0822afa Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf7e20 date Thu, 18 May 2023 06:00:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 1r433j+kj+P8uRodPozJ9A== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 20820 last-modified Mon, 08 May 2023 07:49:08 GMT opc-request-id iad-1:be4BdSsm3KHsdKm6ntykTRYXO3JZzEGtMD3bnbGej7FdSpM-NBNDCGuGhMcLQH1k x-api-id native etag 9ca76320-21a8-4cfe-a06b-1028e6d2dee1 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id 03492665-e277-42da-9c9d-54f9dd5e76e5 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:09 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/ Frame 4323	0 316 B	45ms 45ms	XHR text/plain	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theyucatantimes.com&pubid=cbd6f0c1-b37c-4bfa-8a01-8d245df70c15 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 01:43:43 GMT via 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 15385 x-cache Hit from cloudfront access-control-allow-origin https://www.theyucatantimes.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id 0Vz1aK_jzmXeIk2cyfvax8dt62R32jQqCLCOCA6tCyCoGnaXmLskBg==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/ Frame 4323	23 B 469 B	254ms 82ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theyucatantimes.com%2F&pid=VPsX2QGeZmBDu&cb=0&ws=728x90&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22ad_EdSwEdpO_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22260217354%2Ftheyucatantimescom_theyucatantimes-com_728x90_prebid%22%7D%2C%7B%22sd%22%3A%22ad_azqt9w9D_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22260217354%2Ftheyucatantimescom_theyucatantimes-com_728x90_prebid_01%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=cbd6f0c1-b37c-4bfa-8a01-8d245df70c15&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid ZJ4JZJDA5D9TWZ4GCPHY vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id brPfSD-swYIMbwlCpdmCY_1bZf2Vy51dexHhgsY6UJpcIVvJ5LHajA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4323	6 KB 3 KB	122ms 40ms	XHR application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-amz-version-id yHpogsakS7iCluwAmUa6Y9ccBYm32d5h content-encoding gzip via 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront) date Wed, 17 May 2023 21:31:59 GMT x-amz-cf-pop FRA56-P3 age 30491 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 11 May 2023 21:16:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id 5lniJtwKnmY5uFgaDhwK67QT10njD-8CiYLQxnFSN_gvWphD3LL_uA==
POST H/1.1	200 OK	webid Show response mcs-va.tiktok.com/v1/user/ Frame C204	58 B 1 KB	142ms 141ms	XHR application/json	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/user/webid Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c78e65e1cd165563b329c140d4234553032fb81c4938cefe7dc0c07e8c37b968 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers X-Akamai-Request-ID 1a058fd.291dc8e5 Date Thu, 18 May 2023 06:00:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Parent-Response-Time 96,2.16.1.46 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=85, origin; dur=12, inner; dur=8 Content-Length 58 Pragma no-cache Server nginx X-Tt-Logid 202305180600098825EBD91B43A779BDD9 X-Cache-Remote TCP_MISS from a23-220-105-211.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) Access-Control-Max-Age 1800 Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.tiktok.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true X-Origin-Response-Time 12,23.220.105.211 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b05131ae662b57779f799a0248ba29ab4121e2ffe2a514c9c7de5380cc31a1d784011f4422d00e7a53463cb35741c4d3b617b9766657f009c667b7dcc9e1731e9467a0b7f14109069a46d2b5e2c8bbb0dee Expires Thu, 18 May 2023 06:00:10 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/ Frame 6EBB	0 317 B	41ms 40ms	XHR text/plain	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theyucatantimes.com&pubid=cbd6f0c1-b37c-4bfa-8a01-8d245df70c15 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 01:43:43 GMT via 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 age 15385 x-cache Hit from cloudfront access-control-allow-origin https://www.theyucatantimes.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id DcNJc13H80_aJ3HkzM92Rj28HT7vajrf5heq_GklxALGRflGNktRmQ==
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/ Frame 6EBB	23 B 466 B	116ms 88ms	XHR text/javascript	52.222.253.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theyucatantimes.com%2F&pid=YnDkTZMp4B8Hb&cb=0&ws=300x600&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22ad_IusuBaq1_0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22260217354%2Ftheyucatantimescom_theyucatantimes-com_300x600_prebid%22%7D%2C%7B%22sd%22%3A%22ad_PC82aFCm_1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22260217354%2Ftheyucatantimescom_theyucatantimes-com_300x600_prebid_01%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=cbd6f0c1-b37c-4bfa-8a01-8d245df70c15&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.253.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-253-136.fra60.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA60-P3 x-amz-rid 63MNFYPPTX3JHXJ36AP2 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id C7l2IeotJjgiP5Ndjp5fIS5wkueH1f4CfvHhtp9gD8tvbFReWXFFew==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6EBB	6 KB 3 KB	41ms 41ms	XHR application/javascript	52.222.208.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.208.154 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-208-154.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-amz-version-id yHpogsakS7iCluwAmUa6Y9ccBYm32d5h content-encoding gzip via 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront) date Wed, 17 May 2023 21:31:59 GMT x-amz-cf-pop FRA56-P3 age 30491 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 11 May 2023 21:16:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id J3UXRYdVJ86w2ShUgwAsobYfLSEza48dprymMqxjJCJ98TKyRmYBrg==
OPTIONS H/1.1	200 OK	webid mcs-va.tiktok.com/v1/user/ Frame	0 0	282ms 168ms	Preflight	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/user/webid Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Access-Control-Allow-Origin https://www.tiktok.com Access-Control-Max-Age 1800 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Date Thu, 18 May 2023 06:00:10 GMT Expires Thu, 18 May 2023 06:00:10 GMT Pragma no-cache Server nginx Server-Timing cdn-cache; desc=MISS, edge; dur=97, origin; dur=31 inner; dur=2 X-Akamai-Request-ID 97d0437e.291dc879 X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Cache-Remote TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Origin-Response-Time 31,23.220.105.199 X-Parent-Response-Time 127,2.16.1.46 X-Tt-Logid 202305180600090C5F504E451F4C6D64A3 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b05131ae662b57779f799a0248ba29ab412479afaf13b98ab216948986b61e71a1d049cb898ec373e7e5d45d2b08892e1baf062ea503f5759e6d7d2ec669d30814a0aa395cdfddb14fe4cca99e09db0d432d0a2a8695d8cacbddacb649ca7833094 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 4323	107 B 531 B	157ms 52ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 4323	107 B 456 B	157ms 53ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 4323	757 B 419 B	220ms 219ms	XHR text/plain	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3678880540948459&correlator=4161747951803199&eid=31074644&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fif&iu_parts=260217354%3A22395387169%2Ctheyucatantimescom_theyucatantimes-com_728x90_prebid&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=262263287&sfv=1-0-40&prev_scp=interests%3Dwww%2Ctheyucatantimes%2Cthe%2Cyucatan%2Ctimes%2Cyucatan%2Cnews%2Cpolitics%2Ceconomics%2Cand%2Cheavy%2Crainfall%2Cnorthern%2Citaly%2Chas%2Cled%2Cspeculation%2Cthat%2Cthis%2Cemilia%2Cromagna%2Cgrand%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.02%26hb_adid_rubicon%3D7194516464070d%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D7194516464070d%26hb_bidder%3Drubicon&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1684389610100&dlt=1684389609248&idt=708&adxs=436&adys=341&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=lexxs8nwn12f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&top=www.theyucatantimes.com&frm=23&vis=1&psz=728x-1&msz=728x-1&fws=256&ohw=0&ea=0&ga_vid=1446387792.1684389609&ga_sid=1684389610&ga_hid=409296066&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a6a10656acd51544c45908b1621ced696ec69364338ce5d9d9b5d9af670b5b37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 389 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 4323	15 KB 11 KB	167ms 56ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 34659e7ebf030949702104dfd583a5f51c877168dd99d59fb738c7a59ec2885c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11265 x-xss-protection 0
GET H2	200	container.html Show response 2efd1eb6359585a3da3209c00bfcfe64.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D37	6 KB 3 KB	183ms 48ms	Document text/html	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2efd1eb6359585a3da3209c00bfcfe64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:10 GMT expires Fri, 17 May 2024 06:00:10 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 6EBB	107 B 165 B	144ms 66ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 6EBB	107 B 165 B	144ms 66ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 6EBB	759 B 419 B	283ms 283ms	XHR text/plain	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=728358751427467&correlator=3033859337984674&eid=31072020%2C31072879%2C31074534&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&iu_parts=260217354%3A22395387169%2Ctheyucatantimescom_theyucatantimes-com_300x600_prebid&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=514476418&sfv=1-0-40&prev_scp=interests%3Dwww%2Ctheyucatantimes%2Cthe%2Cyucatan%2Ctimes%2Cyucatan%2Cnews%2Cpolitics%2Ceconomics%2Cand%2Cheavy%2Crainfall%2Cnorthern%2Citaly%2Chas%2Cled%2Cspeculation%2Cthat%2Cthis%2Cemilia%2Cromagna%2Cgrand%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D8a4120e87ce03d%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D8a4120e87ce03d%26hb_bidder%3Drubicon%26amznbid%3D2%26amznp%3D2&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1684389610126&dlt=1684389609257&idt=789&adxs=1075&adys=2334&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=rk9bqn12rg09&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&top=www.theyucatantimes.com&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1446387792.1684389609&ga_sid=1684389610&ga_hid=432532672&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db59256dda38283ca3480b7aed824090a178854e90abfd1ba464e531ccbe1d54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 389 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 6EBB	15 KB 11 KB	149ms 62ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1a23e221fa7657c9c57740fa8141716652145db17816914f99ad4459961d68b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11274 x-xss-protection 0
GET H2	200	container.html Show response 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2D5	6 KB 3 KB	177ms 48ms	Document text/html	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:10 GMT expires Fri, 17 May 2024 06:00:10 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	devtools.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/ Frame C204	35 KB 11 KB	164ms 41ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema Requested by Host: sf16-website-login.neutral.ttwstatic.com URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.319/core.js?globalName=__PNS_RUNTIME__ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash a28299bebe468622310c700bf1e596eaadd1fb001917fc409f13c434de9f077c Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8253 date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 qqgQKyMyqxCY0VVT/7ywkg== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 10213 last-modified Mon, 08 May 2023 07:49:08 GMT opc-request-id iad-1:VX-2qmapUNzS7n5JaRc7fk5XYIxrkUL8NdW_3HG1eOBQ6-3UZuCaCfPCf8DxT7dZ x-api-id native etag 3a8d1621-1e60-46c4-9bdf-7fc0c77b6243 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id 99f9a616-8ad6-45ad-a7c0-40bdb6685e3e access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:10 GMT
GET H2	200	browser-settings Show response mon-va.byteoversea.com/monitor_web/settings/ Frame C204	1 KB 1 KB	231ms 138ms	XHR application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1 Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 86f1edb4afa9ae46be16b919e55400be0f888ba2444b23c1d07d8385a9c8686c Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers x-akamai-request-id 7531473.1ca0b2ef date Thu, 18 May 2023 06:00:10 GMT access-control-request-method POST,GET,OPTIONS content-encoding gzip upstream-caught 1684389610575265 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-parent-response-time 98,95.101.54.239 server-timing cdn-cache; desc=MISS, edge; dur=86, origin; dur=12, inner; dur=1 content-length 387 server nginx x-tt-logid 20230518060009B7BD789E3B1054ADE63E x-cache-remote TCP_MISS from a23-43-56-167.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) access-control-max-age 600 vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.tiktok.com cache-control public, max-age=600 access-control-allow-credentials true x-origin-response-time 12,23.43.56.167 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede001c2ac1e0007260508d1e9420d100d7cad35e6cf73dbd2b434dbc6c51a0b658d17003808aad665c07df1ce112e09dda5adac3eaec7e1263368ed48943fb86d679 access-control-allow-headers Content-Type
OPTIONS H2	200	browser-settings mon-va.byteoversea.com/monitor_web/settings/ Frame	0 0	268ms 148ms	Preflight application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-origin https://www.tiktok.com access-control-max-age 600 access-control-request-method POST,GET,OPTIONS cache-control public, max-age=600 content-encoding gzip content-length 386 content-type application/json; charset=utf-8 date Thu, 18 May 2023 06:00:10 GMT server nginx server-timing cdn-cache; desc=MISS, edge; dur=84, origin; dur=16 inner; dur=4 upstream-caught 1684389610334358 vary Origin, Accept-Encoding x-akamai-request-id a1a3362.1ca0b284 x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-cache-remote TCP_MISS from a23-43-56-127.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-origin-response-time 16,23.43.56.127 x-parent-response-time 100,95.101.54.239 x-tt-logid 2023051806000970CAC79A1CD22BCB34CB x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede00a80f4a52343e3ed9654e9e0112e698e414b64cc6dd75e2b90ebc8c0dc002956f38888d581e07a63fe03fec87426d597630dbefc381cfbded36815a6855d48356e2730fe43167dcaedb9f8afb33d08373 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 4323	17 KB 7 KB	154ms 61ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 18 May 2023 06:00:10 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 6EBB	17 KB 6 KB	180ms 119ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 18 May 2023 06:00:10 GMT
GET H2	200	img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame C204	2 KB 2 KB	43ms 43ms	Image image/svg+xml	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-logo-colorful-6e578f33c94fb378e31eb676c51d6ac2.svg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 6820dc5a852a390b26eaa791f6f9f9b976fa0ba6c17412089b25946d7d9de99c Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf831d date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 blePM8lPs3jjHrZ2xR1qwg== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 1134 last-modified Wed, 19 Apr 2023 02:22:11 GMT opc-request-id iad-1:OBtzhnY-S02y33xfgkCGXAxJpbDLvVuInWx98Z64vUNZww0vgLu1G8BKwhUlcbCB x-api-id native etag f068d60e-960c-4315-8186-62b8b0f305fd vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type image/svg+xml version-id 15b3c7b0-91da-4e71-8d5c-36ba423cdf72 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:10 GMT
GET H2	200	7d24e67c5fef46b3d51685a4a9215b00~c5_100x100.jpeg p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ Frame C204	2 KB 3 KB	48ms 47ms	Image image/jpeg	173.222.108.233 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/7d24e67c5fef46b3d51685a4a9215b00~c5_100x100.jpeg?x-expires=1684562400&x-signature=MG1SIAcGLWy4zg%2BcD3dHfIkZ9L8%3D Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.222.108.233 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a173-222-108-233.deploy.static.akamaitechnologies.com Software nginx / ImageX Resource Hash 787931f78d1676e1f1f6499b47625a059c48ea5a67799884dd9ae6df525c6c3e Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 124bf45.239b392 date Thu, 18 May 2023 06:00:10 GMT x-crop-loc (95,0)-(1084,989) x-check-cacheable YES x-tt-trace-tag id=16;cdn-cache=miss;type=static nw-session-id 202305020733540C18ABDFFAD49F8B1AD3k7bv421ff x-powered-by ImageX x-cache TCP_MISS from a173-222-108-229.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_HIT x-parent-response-time 2,173.222.108.229 cross-origin-resource-policy cross-origin akamai-mon-iucid-del 971653 server-timing cdn-cache; desc=MISS, edge; dur=2, origin; dur=0, inner; dur=0 x-length 1928 content-length 1928 last-modified Tue, 02 May 2023 07:33:55 GMT server nginx x-tt-logid 202305020733540C18ABDFFAD49F8B1AD3 x-response-date Tue, 02 May 2023 07:33:55 GMT x-cache-remote TCP_HIT from a173-222-108-245.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) content-type image/jpeg access-control-allow-origin * nw-session-trace 2023-05-02T07:33:55.721329194Z 165 cache-control max-age=30159344 x-tt-trace-host 016aa22025799134bc5c46a7f7ec6fc96f57a98157747c2a65d04deccdb0310a10b5e0972299c523dde45c9270263659118f43af3f0aa093a0b4bb27efcaf44fe27fbd97a8c4505ec5aea40dbc7671f742eb92792aabb3a97cbef458ca95e77e7005229994a7398a215d577b218f82192b imagex-fmt jpeg2jpeg timing-allow-origin *
GET H2	200	img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame C204	1 KB 1 KB	43ms 42ms	Image image/svg+xml	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-banner-comment-d1335fb135de82a0a6b923df2e515c06.svg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 5f5beabf59a0f4c1c28f05dd34047cd1f401f146b85eebbaa7ab8d971f075e64 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8324 date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 0TNfsTXegqCmuSPfLlFcBg== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 498 last-modified Mon, 13 Mar 2023 07:31:35 GMT opc-request-id iad-1:m0GIjFt3Ps7woDLBqdr-jRtHfPm7r-JsbKQRelxSMhG9zWvC_n-URjlMPatiJ5Al x-api-id native etag a46be6b4-3a56-4f56-a08c-b075595e74fa vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type image/svg+xml version-id d7bcc33d-b013-48d1-af69-9ecd2ed9bd4d access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true x-origin-response-time 388,23.33.32.237 accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:10 GMT
GET H2	200	img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame C204	647 B 1 KB	44ms 43ms	Image image/svg+xml	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-music-26847fc3f0c6f8b667c268b0c0a2bd0f.svg Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash d858782d53337cb280fd29487a8c25544984a1abc8619d4fc3535e4458101d1f Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8327 date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 JoR/w/DG+LZnwmiwwKK9Dw== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 368 last-modified Wed, 29 Mar 2023 17:02:30 GMT opc-request-id iad-1:fYffFJ4qPHKyIt8OPVGH7Q6IjtYBIaRcdi7lTBOSrn8bleOInK5WzMWQaWBefrEj x-api-id native etag ae169bad-5c45-4ac9-a279-c27ed8cf3e42 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type image/svg+xml version-id fed294fd-e671-430e-bf00-a98cfcde7421 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true x-origin-response-time 941,23.62.9.139 accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:10 GMT
GET H2	200	sofiapro-regular.otf lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame C204	155 KB 156 KB	784ms 57ms	Font application/font-sfnt	2.16.62.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/sofiapro-regular.otf Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.62.18 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-62-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 896a3c4 date Thu, 18 May 2023 06:00:11 GMT x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 83df79xiq+PWX4rXEbw2eg== x-cache TCP_MEM_HIT from a2-16-62-14.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_MISS cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=264 content-length 158708 x-tos-request-id f6a007c92e64861163c92e64-af5442d x-tos-response-time Thu, 19 Jan 2023 11:49:56 GMT last-modified Mon, 28 Nov 2022 03:57:08 GMT server nginx x-tt-logid 202301191149553BD5D4E3FCF5BB6D38C5 etag CIDdiOz9z/sCEAE= access-control-max-age 86400 access-control-allow-methods GET,POST content-type application/font-sfnt access-control-allow-origin * cache-control max-age=2190020 access-control-allow-credentials false x-tt-trace-host 01007686ada161435861768913aec008e77325652bbf438f25d75622aef18a611601f421c614aa19ef3785b99fb90d135d7280e0155b790c134f80dfd435936f8a14b06dda64cb78ea3039165ace67117e7b450d1d17228f73ba7c7b58383fab9975864735bb580f86f8fa3c3558dd62182062a664ea84a0dcd84eb1187c173aee timing-allow-origin * access-control-allow-headers *
GET H2	200	Proxima-Nova-Semibold.woff2 lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame C204	20 KB 21 KB	775ms 49ms	Font font/woff2	2.16.62.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/Proxima-Nova-Semibold.woff2 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.62.18 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-62-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 76680efd61dc1f00144c9af7adb317cc0642fe53282525e7e35806a12e74a084 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 896a3c5 date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 Sio5a2TUlhXk5hdYEjB9Lg== x-cache TCP_MEM_HIT from a2-16-62-14.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_HIT cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=4 content-length 20428 x-tos-request-id b02cc99cdb7cbd65639cdb7c-af54426 x-tos-response-time Fri, 16 Dec 2022 20:56:28 GMT last-modified Mon, 28 Nov 2022 03:57:08 GMT server nginx etag CIHxguz9z/sCEAE= vary Accept-Encoding access-control-max-age 86400 content-type font/woff2 access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=976871 x-origin-response-time 151,23.59.247.44 access-control-allow-credentials false x-tt-trace-host 019727dce3c1acfad986438046fe106d1181095077ae0f0d7a67e2162716564a5ed9d0d24716ccdf86972a5e113012ae6eff934459d42c55f28a26449c1af20aa35da68d011272fd3cee0a8fd74f3331f263a7ceaee00863718a770227d63537ef95252ce2079504adbe9102820427d630 accept-ranges bytes timing-allow-origin * access-control-allow-headers *
GET H2	200	Proxima-Nova-Regular.woff2 lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ Frame C204	21 KB 22 KB	772ms 47ms	Font font/woff2	2.16.62.18 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://lf16-tiktok-common.ttwstatic.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/Proxima-Nova-Regular.woff2 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.62.18 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-62-18.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 29a734dbe0c87dca942095cf4038b7a2519fb48ff2e06d1f49b8d8854493ac35 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 896a3c6 date Thu, 18 May 2023 06:00:11 GMT x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 SvWbAmfbEyPKXZVTcUBHkw== x-cache TCP_MEM_HIT from a2-16-62-14.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_HIT x-tos-storage-class Standard cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=2 content-length 21908 x-tos-request-id 96bc26597f0e68e3-af544a3 x-tos-response-time Fri, 15 Apr 2022 14:19:58 GMT last-modified Tue, 29 Mar 2022 06:30:26 GMT server nginx etag "4af59b0267db1323ca5d955371404793" access-control-max-age 86400 access-control-allow-methods GET,POST content-type font/woff2 access-control-allow-origin * cache-control max-age=2448750 access-control-allow-credentials false x-tt-trace-host 01f3382c0e19c09f806951c0a82bfd9ca5e057435cac1be13c74bba56caf15e07f21dfd55eeaccfdfc56a96283033165363119b7e3cdedbecd63a80db4bc72aee8d752a54f47885693cc83cd692498fa1e76638bb08b54d18acb5f4cf13f757e8def79ed56d729d88d9aac9d5733f628c6c4e6cb47972cd9299ecbca19cc3101f4 accept-ranges bytes timing-allow-origin * access-control-allow-headers *
GET H2	200	common-monitors.1.6.0.js Show response sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame C204	20 KB 8 KB	127ms 40ms	Script application/javascript	2.16.202.115 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.6.0.js Requested by Host: sf16-short-va.bytedapm.com URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.202.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-115.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2c727930e54faec7d739f50552bebc098d83e1346cdb2b0fd3f16f7d1e2677b8 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 166f6731 date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 fZkvH5P8pjzUka1HrucGTw== x-cache TCP_MEM_HIT from a2-16-202-111.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-bdcdn-cache-status TCP_HIT x-parent-response-time 6,23.213.33.72 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=1 content-length 7497 x-tos-request-id 3ba44b658a162d2f64658a16-ad63482 x-tos-response-time Thu, 18 May 2023 02:14:46 GMT last-modified Thu, 18 May 2023 02:13:26 GMT server nginx x-tt-logid 202305180215001FEE6BC54C66D554EB17 etag W/"CM3qoMzl/f4CEAE=" vary Accept-Encoding access-control-max-age 86400 content-type application/javascript access-control-allow-origin * access-control-allow-methods GET,POST cache-control max-age=300 access-control-allow-credentials false x-tt-trace-host 0139ee29b05a9b748aa533fffe35364a33a4565c575da835e596e802e520d3b20660d8bf2cc69c1a5287dbf87a5c076d8e2e0b8a74bd41651643a3c0645f868d312324bd3977fb1eda6c840507d7f16bb5887d3619cac1a0c5e8793588d2f04b9921d474db70c4cb9dcbf885bfecef3675 timing-allow-origin * access-control-allow-headers * expires Thu, 18 May 2023 06:05:10 GMT
OPTIONS H/1.1	200 OK	/ vmweb-va.byteoversea.com/service/2/abtest_config/ Frame	0 0	837ms 140ms	Preflight application/json	2.16.241.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vmweb-va.byteoversea.com/service/2/abtest_config/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.241.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-241-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Access-Control-Allow-Headers Content-Type,Content-Length, Authorization, Accept,X-Requested-With Access-Control-Allow-Methods PUT,POST,GET,DELETE,OPTIONS Access-Control-Allow-Origin * Access-Control-Max-Age 3600 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 60 Content-Type application/json; charset=utf-8 Date Thu, 18 May 2023 06:00:11 GMT Expires Thu, 18 May 2023 06:00:11 GMT Pragma no-cache Server nginx Server-Timing cdn-cache; desc=MISS, edge; dur=89, origin; dur=5 inner; dur=2 X-Akamai-Request-ID e1bad65.5a0e0e17 X-Cache TCP_MISS from a2-16-240-83.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Cache-Remote TCP_MISS from a104-96-220-21.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-) X-Origin-Response-Time 5,104.96.220.21 X-Parent-Response-Time 94,2.16.240.83 X-Tt-Logid 2023051806001059C11DBE0E632FA93695 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b05c0a325f7f8465794a71615ae6ce6c1e73c2a131737513022215db934f3ac406328ea952bba72125fd1b52611d94f772b909f6d8c640c964d3a8b7d28936627a223f20a2d6b1c40582881f4eb7e60fbda x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
POST H/1.1	200 OK	/ Show response vmweb-va.byteoversea.com/service/2/abtest_config/ Frame C204	496 B 2 KB	135ms 135ms	XHR application/json	2.16.241.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vmweb-va.byteoversea.com/service/2/abtest_config/ Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.241.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-241-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f7cb943520425d144a0d138ff2147a86327414c9a25d42d950c7b8e101299206 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers X-Akamai-Request-ID bcfc298.5a0e0ee9 Date Thu, 18 May 2023 06:00:11 GMT Content-Encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn X-Cache TCP_MISS from a2-16-240-83.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Parent-Response-Time 95,2.16.240.83 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=84, origin; dur=11, inner; dur=6 Content-Length 297 Pragma no-cache Server nginx X-Tt-Logid 2023051806001056AF1937A60566A7874A X-Cache-Remote TCP_MISS from a23-48-215-141.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) Access-Control-Max-Age 3600 Access-Control-Allow-Methods PUT,POST,GET,DELETE,OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store X-Origin-Response-Time 11,23.48.215.141 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b05773c1468210d095b50ac72ef957acd48dc7630236eafbf6be17b8673a4ddbb5d5080f51f57a38850cf6f9e7b35a8e4030c4f4b519f284e5346ec35623248c0f264b6f8bc53c4e2cc6d2bf1ccc7f3ec0a Vary Accept-Encoding Access-Control-Allow-Headers Content-Type,Content-Length, Authorization, Accept,X-Requested-With Expires Thu, 18 May 2023 06:00:11 GMT
POST H/1.1	200 OK	list Show response mcs-va.tiktok.com/v1/ Frame C204	21 B 1012 B	128ms 128ms	XHR application/json	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers X-Akamai-Request-ID 291dc9fc Date Thu, 18 May 2023 06:00:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) Server-Timing inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=87 Connection keep-alive Content-Length 21 Pragma no-cache Server nginx X-Tt-Logid 20230518060009A376C2416C572965863F Access-Control-Max-Age 1800 Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.tiktok.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true X-Origin-Response-Time 88,2.16.1.46 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b057723e57f84f01dcf62c741629df56f73e6bba861f1c4a497b5fb333e39ae325eaf3003bde84732ffacd2ab5ed7faad0fa961a4981cbf6a40e6f943bcb32b20ad Expires Thu, 18 May 2023 06:00:10 GMT
OPTIONS H/1.1	200 OK	list mcs-va.tiktok.com/v1/ Frame	0 0	130ms 129ms	Preflight	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Access-Control-Allow-Origin https://www.tiktok.com Access-Control-Max-Age 1800 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Date Thu, 18 May 2023 06:00:10 GMT Expires Thu, 18 May 2023 06:00:10 GMT Pragma no-cache Server nginx Server-Timing cdn-cache; desc=MISS, edge; dur=81, origin; dur=9 inner; dur=3 X-Akamai-Request-ID 7d92ed9f.291dc96c X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Cache-Remote TCP_MISS from a23-39-229-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Origin-Response-Time 9,23.39.229.13 X-Parent-Response-Time 89,2.16.1.46 X-Tt-Logid 2023051806000944582BBA79C6678E2648 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b0517cc1818661b0378c602ad68c055a1db7c9a5ab208952ae2cbdf3bce015c32f145a5e0ceadfc960287be08a50b58ecb044392fd1f1e9b4806ee5a7e026378bd366f979bd04adc534f69957c5e68daa88 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame DDBA	13 KB 5 KB	57ms 42ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1232 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 05:39:39 GMT expires Fri, 17 May 2024 05:39:39 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 60CB	783 B 1 KB	137ms 49ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 79086da9dfd2ccd1ebfd2445a5f12c5b7081e9d4ed5e3c9d9c7c72d3923862a9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YW3aHrxmzlxHPrrwOiTYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-YW3aHrxmzlxHPrrwOiTYNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:11 GMT expires Thu, 18 May 2023 06:00:11 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C29	13 KB 5 KB	60ms 46ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1232 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 05:39:39 GMT expires Fri, 17 May 2024 05:39:39 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 2029	783 B 742 B	137ms 51ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2ae4a4e28dd8c6b2ade434a5cc83e860580637c0d6cea8fd6e2a3b97dcd37dcd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IjCQwkDGoWcZ3it-cJHUig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-IjCQwkDGoWcZ3it-cJHUig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:11 GMT expires Thu, 18 May 2023 06:00:11 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET DATA	200 OK	truncated / Frame C204	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	resource Show response mssdk-va.byteoversea.com/web/ Frame C204	519 B 2 KB	435ms 148ms	XHR application/json	95.101.111.183 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mssdk-va.byteoversea.com/web/resource?eq=z298LQXQmtRCcfIBTHfIPM-rffTpazBkxRePPDG2u-DABbg0hwLk/NaITPUjknakVq1LSimq7rfgfpmrnHuuhXWK6odOkVOv Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.101.111.183 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-111-183.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2c2e5ea0a470be9c6d22ca0e425a0e8457be4f1fa665a228746f2db956a1471f Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers X-Akamai-Request-ID 6a5c171.2a7b924c Date Thu, 18 May 2023 06:00:11 GMT Content-Encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn X-Cache TCP_MISS from a2-23-208-183.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Parent-Response-Time 103,2.23.208.183 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=88, origin; dur=15, inner; dur=12 Content-Length 451 X-Ms-Token 5OJHUCltN1dRtUejrYvvOyGYq_u1lSG-dwczra8yFOIm5ELQY_z5XJh05UYlEGQda-1vXJ3WZ-fEgy35e8y2ck8uvd2K8o4bJs3rs0uocFU= Pragma no-cache Server nginx X-Tt-Logid 202305180600102F80A32BFB70EBA63E26 X-Cache-Remote TCP_MISS from a104-96-220-54.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48589741) (-) Vary Accept-Encoding Access-Control-Allow-Methods GET,OPTIONS Content-Type application/json Access-Control-Allow-Origin https://www.tiktok.com Access-Control-Expose-Headers x-ms-token,x-ms-resp Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true X-Origin-Response-Time 15,104.96.220.54 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b053c979ca6844d4e1d452ccb2ee94469d7ecce0a85353473dd0cd2b827452657ebeaca1d7dc913a643301cf3f5a6ba931d2e163dd49d3d340f3b14772606ebc22631d3b3ce862147e376d5d868e614d600deca0c9a69de2d8fe9ef48645924b915 Access-Control-Allow-Headers x-mssdk-info,x-ms-req Expires Thu, 18 May 2023 06:00:11 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 4323	107 B 165 B	49ms 48ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 4323	107 B 165 B	50ms 49ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:10 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 4323	432 B 199 B	268ms 268ms	XHR text/plain	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3678880540948459&correlator=4161747951803199&eid=31074644&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fif&iu_parts=260217354%3A22395387169%2Ctheyucatantimescom_theyucatantimes-com_728x90_prebid_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=2672991854&sfv=1-0-40&prev_scp=interests%3Dwww%2Ctheyucatantimes%2Cthe%2Cyucatan%2Ctimes%2Cyucatan%2Cnews%2Cpolitics%2Ceconomics%2Cand%2Cheavy%2Crainfall%2Cnorthern%2Citaly%2Chas%2Cled%2Cspeculation%2Cthat%2Cthis%2Cemilia%2Cromagna%2Cgrand%26amznbid%3D2%26amznp%3D2&eri=4&sc=1&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&abxe=1&dt=1684389610942&dlt=1684389609248&idt=708&adxs=1164&adys=341&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=safwn9289iqc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&top=www.theyucatantimes.com&frm=23&vis=1&psz=728x-1&msz=728x-1&fws=256&ohw=0&ea=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1446387792.1684389609&ga_sid=1684389610&ga_hid=409296066&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074644 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 71f8b3578fb3a8d7c717544121cc214d2fd19a10f4f170a3a3f2e17043c51637 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 168 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame 6EBB	107 B 122 B	48ms 48ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 6EBB	107 B 122 B	48ms 48ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 6EBB	23 KB 11 KB	366ms 366ms	XHR text/plain	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=728358751427467&correlator=3033859337984674&eid=31072020%2C31072879%2C31074534&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&iu_parts=260217354%3A22395387169%2Ctheyucatantimescom_theyucatantimes-com_300x600_prebid_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&adks=831859746&sfv=1-0-40&prev_scp=interests%3Dwww%2Ctheyucatantimes%2Cthe%2Cyucatan%2Ctimes%2Cyucatan%2Cnews%2Cpolitics%2Ceconomics%2Cand%2Cheavy%2Crainfall%2Cnorthern%2Citaly%2Chas%2Cled%2Cspeculation%2Cthat%2Cthis%2Cemilia%2Cromagna%2Cgrand%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.05%26hb_adid_rubicon%3D73505d86911ad2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D73505d86911ad2%26hb_bidder%3Drubicon%26amznbid%3D2%26amznp%3D2&eri=4&sc=1&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&abxe=1&dt=1684389611034&dlt=1684389609257&idt=789&adxs=1375&adys=1997&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=2&ucis=a79i4s4i25a1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&top=www.theyucatantimes.com&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1446387792.1684389609&ga_sid=1684389610&ga_hid=432532672&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8b4b34d74486af42ca08aba7846d055c8fc3e9d363f3790a57b10b4fde637ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10882 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.theyucatantimes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response pagead2.googlesyndication.com/bg/ Frame DDBA	37 KB 14 KB	135ms 54ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 09:01:20 GMT content-encoding br x-content-type-options nosniff age 75531 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14771 x-xss-protection 0 last-modified Mon, 08 May 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 09:01:20 GMT
GET H3	200	oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response pagead2.googlesyndication.com/bg/ Frame 7C29	37 KB 14 KB	122ms 42ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 09:01:20 GMT content-encoding br x-content-type-options nosniff age 75531 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14771 x-xss-protection 0 last-modified Mon, 08 May 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 09:01:20 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 60CB	0 0	89ms 78ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=3678880540948459&rc= Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2029	0 0	87ms 78ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=728358751427467&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H2	200	webmssdk_ex.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.42/ Frame C204	428 KB 136 KB	42ms 42ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.42/webmssdk_ex.js Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash e4cac17e16f678a66de53e4edc1a9d071461056575f3e1c9087574dcb7a13120 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8b34 date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 QZw/z5njvp9V4Og5wLp7kA== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 137877 last-modified Tue, 11 Apr 2023 19:41:09 GMT opc-request-id iad-1:j6WXH7PktqlK-T-ZxU40BbetIJsrn87_FLzG6Niz58cC7xTIQHqe4ScWH6CbnY7r x-api-id native etag e7fadfd2-bb4d-4c35-b4bd-03e104bc6e07 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id 76d482b9-3806-4835-ae51-cb832de1788c access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:11 GMT
GET H2	200	/ Show response www.tiktok.com/api/recommend/embed_videos/ Frame C204	37 KB 12 KB	1350ms 1350ms	Fetch application/json	23.36.163.12 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.tiktok.com/api/recommend/embed_videos/?aid=1284&count=24&secUid=MS4wLjABAAAATorBEnRrO3wB10v6wMDY9hmqrkQvHboGQ6ILppRGXpa-2Q3DXd6hrSRXIy3x2esd&lang=en-US&msToken=&X-Bogus=DFSzswSOiDhANyFgtthciBVeovZ1&_signature=_02B4Z6wo00001d2xcsAAAIDAUzy0dsOaDQ3dsXZAABML3c Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-12.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a2c86ee84df2503e6699d6799d0f64535ce9d15d71025bdbf377439760c381f3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/embed/v2/7208968665885150469?lang=en-US&referrer=https%3A%2F%2Fwww.theyucatantimes.com%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id 70bf9b0 date Thu, 18 May 2023 06:00:12 GMT content-encoding br x-tt-trace-tag id=16;cdn-cache=miss;type=dyn bd-tt-error-code 0 tt_stable 1 x-cache TCP_MISS from a23-36-161-12.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) server-timing inner; dur=1219, cdn-cache; desc=MISS, edge; dur=1, origin; dur=1306 pragma no-cache server nginx x-tt-logid 2023051806001062AC0AE42794F307CF51 content-type application/json cache-control max-age=0, no-cache, no-store x-origin-response-time 1307,23.36.161.12 x-tt-trace-host 017d0578f327b57d1558311a3c4228a516b55b6eff25f7fe442edfd624250919dfcff565cbb0b910d0a35942fdd5aa049ea224f2523e0912404913f1045d202bd4ae70fe2e6766a4e6f29e4c5d7619d33e4e977a04a0001f5c7f95882718f2e066 expires Thu, 18 May 2023 06:00:12 GMT
GET H2	200	img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame C204	1 KB 1 KB	41ms 41ms	Image image/svg+xml	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-controller-play-50633fd697e3a54c76c42c2a03aab3ea.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 1487bfed1f532d8cff7ec61ac6bb53dc91e8745905444ba4fdb237eb19071cf0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8cd4 date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 UGM/1pfjpUx2xCwqA6qz6g== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 569 last-modified Wed, 29 Mar 2023 17:02:30 GMT opc-request-id iad-1:6vrV-MyrHrGiQvWx3NiepM40Q4PT-4vxlFOzAPB-WdUPLD4PqQu0XLVW0so1HiCF x-api-id native etag 16e80c6b-c9fb-490e-ae6f-cb7d77605d0d vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type image/svg+xml version-id d73f4611-dbb1-42e8-a659-1543a9c973a4 access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:11 GMT
POST H/1.1	200 OK	list mcs-va.tiktok.com/v1/ Frame C204	0 0	218ms 138ms	Ping application/json	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Requested by Host: sf16-website-login.neutral.ttwstatic.com URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.aabd7e28f2a793b9c153.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H/1.1	200 OK	list mcs-va.tiktok.com/v1/ Frame C204	0 0	212ms 132ms	Ping application/json	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Requested by Host: sf16-website-login.neutral.ttwstatic.com URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.aabd7e28f2a793b9c153.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	container.html Show response 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C897	6 KB 3 KB	42ms 41ms	Document text/html	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:10 GMT expires Fri, 17 May 2024 06:00:10 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7C29	0 10 B	40ms 39ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?8PLYSg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
OPTIONS H2	200	browser-settings mon-va.byteoversea.com/monitor_web/settings/ Frame	0 0	144ms 144ms	Preflight application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-origin https://www.tiktok.com access-control-max-age 600 access-control-request-method POST,GET,OPTIONS cache-control public, max-age=600 content-encoding gzip content-length 387 content-type application/json; charset=utf-8 date Thu, 18 May 2023 06:00:11 GMT server nginx server-timing cdn-cache; desc=MISS, edge; dur=85, origin; dur=19 inner; dur=3 upstream-caught 1684389611544009 vary Origin, Accept-Encoding x-akamai-request-id 5ebd1a8.1ca0b4a9 x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-cache-remote TCP_MISS from a23-43-56-135.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-origin-response-time 19,23.43.56.135 x-parent-response-time 104,95.101.54.239 x-tt-logid 2023051806001020E516D615C1A993932E x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede00dbba73c0efa76e520cfd1f5a35eb47905e18d222135fb0de4efeb55586ea45c1f66e42be465096145298d163475aec64a8c91574df031d1875033183ee3721e6 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET H2	200	browser-settings Show response mon-va.byteoversea.com/monitor_web/settings/ Frame C204	1 KB 1 KB	247ms 246ms	XHR application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1 Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 79e48de5c10444ed9bc343e12665e35ca63d1fff603aa7294e03d1a63d731294 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers x-akamai-request-id 11cb814b.1ca0b4fa date Thu, 18 May 2023 06:00:11 GMT access-control-request-method POST,GET,OPTIONS content-encoding gzip upstream-caught 1684389611699089 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-parent-response-time 136,95.101.54.239 server-timing cdn-cache; desc=MISS, edge; dur=106, origin; dur=30, inner; dur=1 content-length 387 server nginx x-tt-logid 20230518060010CE05B1AFF46615AD650E x-cache-remote TCP_MISS from a23-43-56-149.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) access-control-max-age 600 vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.tiktok.com cache-control public, max-age=600 access-control-allow-credentials true x-origin-response-time 30,23.43.56.149 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede007934a9f69785dd9ac185c6ad9e6ff43f400ed9e41366529409328b40651cc577618b374a1f3ae7ca2e77ee0f74fe35f2800d160ae0a3ee9a827fbb615c62fd6342ddeba6bb3fedfb1b43c27f23e938e0 access-control-allow-headers Content-Type
GET H2	200	common-monitors.1.5.0.js Show response sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame C204	19 KB 8 KB	40ms 40ms	Script application/javascript	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js Requested by Host: sf16-website-login.neutral.ttwstatic.com URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.42/webmssdk_ex.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68 Request headers Referer https://www.tiktok.com/ Origin https://www.tiktok.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf8d77 date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 lJMNanjiQY7KAJ1oFCsUBQ== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 7318 last-modified Wed, 15 Feb 2023 03:17:11 GMT opc-request-id iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF x-api-id native etag f69b14ef-715b-4897-9d2b-f2811c896f09 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type application/javascript version-id bf1061da-7f62-45be-8168-83d7b672961a access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true timing-allow-origin * expires Sat, 17 Jun 2023 06:00:11 GMT
POST H/1.1	200 OK	list Show response mcs-va.tiktok.com/v1/ Frame C204	21 B 1 KB	230ms 230ms	XHR application/json	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers X-Akamai-Request-ID 7d92f337.291dcd7c Date Thu, 18 May 2023 06:00:11 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Parent-Response-Time 89,2.16.1.46 Connection keep-alive Server-Timing cdn-cache; desc=MISS, edge; dur=82, origin; dur=8, inner; dur=2 Content-Length 21 Pragma no-cache Server nginx X-Tt-Logid 20230518060010A7011637D3DD025813D9 X-Cache-Remote TCP_MISS from a23-39-229-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) Access-Control-Max-Age 1800 Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.tiktok.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true X-Origin-Response-Time 8,23.39.229.13 x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b0517cc1818661b0378c602ad68c055a1db7c9a5ab208952ae2cbdf3bce015c32f1fdead4de1b16a2af885a65921609e33ae4de380452bf93a3d6ef1ac7e6a00aa9386b01f9cae776ffc49dde9fce903d05 Expires Thu, 18 May 2023 06:00:11 GMT
OPTIONS H/1.1	200 OK	list mcs-va.tiktok.com/v1/ Frame	0 0	153ms 153ms	Preflight	2.16.1.50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcs-va.tiktok.com/v1/list Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.1.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-1-50.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, OPTIONS, HEAD, PUT, POST Access-Control-Allow-Origin https://www.tiktok.com Access-Control-Max-Age 1800 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Date Thu, 18 May 2023 06:00:11 GMT Expires Thu, 18 May 2023 06:00:11 GMT Pragma no-cache Server nginx Server-Timing cdn-cache; desc=MISS, edge; dur=100, origin; dur=13 inner; dur=2 X-Akamai-Request-ID 1a06cea.291dca7f X-Cache TCP_MISS from a2-16-1-46.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Cache-Remote TCP_MISS from a23-220-105-211.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.2-48551439) (-) X-Origin-Response-Time 14,23.220.105.211 X-Parent-Response-Time 113,2.16.1.46 X-Tt-Logid 20230518060010A1B50676576D956E608B x-tt-trace-host 01dcd74a6b5ef1e3649890ed3d21743b05131ae662b57779f799a0248ba29ab4121e2ffe2a514c9c7de5380cc31a1d78407cb9cc5ca35a07c0fd56160988a0070b4af2dc0e5002294d795abf63341b171de146b0f0f2879beb8fb1852b2b86eb87 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame DDBA	0 10 B	39ms 39ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Qhr72Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0C72	624 B 307 B	55ms 53ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNV1l2xcVGYdMtfLeZo4lN1Ol3h6CinI6mx6ZqU7_tqHEJqpq7Y_CyQ3qrJNnP-LBPXCvSE_NxdjM2vPe11oKHMEx-oVeW06vKN4VIF2F0BZPX5H8g1kbRO3q1keARoC8Ci2ryo2xgDVOY2NyRCB1rIhVFWJmFU7tpeUb_pR25RAIZLlBb6EbGHdmouJw_eT7LOp3dN7 Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame C897	78 KB 27 KB	73ms 73ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 18 May 2023 06:00:11 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C897	42 B 63 B	86ms 86ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cm-fPqzqMw8jWegg_B_eKtOgLBwbGI1a0uBhonCiwNg4DDdukoiNIxFGRd4fEFvz9889IV8erAgbKdlGbhQiliWfkukqBc3XMBaqwIuK9BHPdqEkg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C897	0 20 B	86ms 86ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4984099084858726282&x=1&ct=76 Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame C897	3 KB 1 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 17:47:01 GMT content-encoding br x-content-type-options nosniff age 43990 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 17:47:01 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame C897	19 KB 8 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 17:47:01 GMT content-encoding br x-content-type-options nosniff age 43990 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 17:47:01 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame C897	0 0	49ms 48ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjpWDrnDWdhhuSKW3dkVmW2iQsUYVoW7sIZkfVWh7RbF9ApCqqVeLeepD8I9PktbkfuGTguYQLJ7WTJuhK3oFxewS9RA Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C897	170 KB 53 KB	137ms 47ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 06:00:11 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0C72 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1	43 B 766 B	197ms 40ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNV1l2xcVGYdMtfLeZo4lN1Ol3h6CinI6mx6ZqU7_tqHEJqpq7Y_CyQ3qrJNnP-LBPXCvSE_NxdjM2vPe11oKHMEx-oVeW06vKN4VIF2F0BZPX5H8g1kbRO3q1keARoC8Ci2ryo2xgDVOY2NyRCB1rIhVFWJmFU7tpeUb_pR25RAIZLlBb6EbGHdmouJw_eT7LOp3dN7 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:11 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0C72 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGW.65GJYYH4ezvYjpel1QAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1&google_hm=2	43 B 766 B	47ms 46ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNV1l2xcVGYdMtfLeZo4lN1Ol3h6CinI6mx6ZqU7_tqHEJqpq7Y_CyQ3qrJNnP-LBPXCvSE_NxdjM2vPe11oKHMEx-oVeW06vKN4VIF2F0BZPX5H8g1kbRO3q1keARoC8Ci2ryo2xgDVOY2NyRCB1rIhVFWJmFU7tpeUb_pR25RAIZLlBb6EbGHdmouJw_eT7LOp3dN7 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:11 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdDIzmtbgQU8mxCb3vOfR4&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 0C72 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEJ8BVuv8TACPshGNG5haHsU&google_cver=1	43 B 1 KB	156ms 156ms	Image image/gif	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEJ8BVuv8TACPshGNG5haHsU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNV1l2xcVGYdMtfLeZo4lN1Ol3h6CinI6mx6ZqU7_tqHEJqpq7Y_CyQ3qrJNnP-LBPXCvSE_NxdjM2vPe11oKHMEx-oVeW06vKN4VIF2F0BZPX5H8g1kbRO3q1keARoC8Ci2ryo2xgDVOY2NyRCB1rIhVFWJmFU7tpeUb_pR25RAIZLlBb6EbGHdmouJw_eT7LOp3dN7 Protocol HTTP/1.1 Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:11 GMT AN-X-Request-Uuid 02e08e13-4462-4c62-9680-36bb2a0865c4 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEJ8BVuv8TACPshGNG5haHsU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0C72 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNTk0OTkxMTI2Njg3NTAzMw%3D%3D	170 B 243 B	234ms 190ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNTk0OTkxMTI2Njg3NTAzMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNV1l2xcVGYdMtfLeZo4lN1Ol3h6CinI6mx6ZqU7_tqHEJqpq7Y_CyQ3qrJNnP-LBPXCvSE_NxdjM2vPe11oKHMEx-oVeW06vKN4VIF2F0BZPX5H8g1kbRO3q1keARoC8Ci2ryo2xgDVOY2NyRCB1rIhVFWJmFU7tpeUb_pR25RAIZLlBb6EbGHdmouJw_eT7LOp3dN7 Protocol H2 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 18 May 2023 06:00:11 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid ddeb4573-0499-40ea-b988-9f5387840f9e Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNTk0OTkxMTI2Njg3NTAzMw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C897	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6225728655481&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C897	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6225728655481&version=m202301230201&ct=76&x=1&cor=4984099084858726000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame C897	99 KB 38 KB	81ms 81ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2O-pEu-RTJYZCTDlllNUYtsM6sWtM1MQvbTd1hPPb_3OIENukeUWs26_bwB7WKBvo81cl_NNuHd75bUs0Kj5uYwq-urEBYq-vW_dtwHA5AGNZ5HoMG2eKZZLkf-8bd1Kj316F8UQGoB2Vxnn5NU9Xm6Exhg73nQtgDrrOI7OL4dYVta0&dbm_d=AKAmf-BtRmWINLxk84JW5uzS95f3A-kKANWPpu7_VJeWhL1ES8ZVE-K-wO071jUTy98MdvrA7U9J_wN7F5dDW3_p3_CALQ3XnKKXv6vbn50c4NMzgNYHHx_jZ2BzR6pYa9qDZRi0e4FCG38r2rq2HrvC3WBelxKWD9vAm1dLbHx9cO1-C6JPXSGFgGSLU4VYExSAI0joHMiU4jUe4nhhuK4YzTQSrgN9U0PjAAdvbLTMb9uUz4cv90zqe_I-4uR87Z6mbLyoGBRjzf5EiDbJzWX1Ct-7LdyDjNBIACERwyujVjj-vbcISzDVE_0e4dkWnCzBmtAU0oHHCAwaXs1k7NL8NFuLOFVMy7WgUOXNj8omrJihNsnk9BVbdpURVcuWNiTvRgcqHIpQ2wL2xxhrhm5TUCD5Ygt-xK62eQrADN1e0e85G4ZalUAJbPb3ULMrt943qcnejbya5lW-iKcypwd8ODkOUOW1oN1FFw5JPlmn0zGbQpaa0kZJrKWn2bR9WYFxme4ZQ4ZCHWbL0AVTE4gE_RCLie9S-6vnykvyNZbilFiTmRmGQdNGTvjF7pXLjxDQ0XtkzHqMqMbtXG_G8wKKPscgP4h_dUCGD-o4XdSrMFaP1Pt0B8ylGWAvXXXakLGgDxOsTf3dQFUvt9uP_daK3eS8Yy374pVK5h4RdFH-WUvtjd-FbYHueqIWwSlJMv1SfVWtvpkEt7P3zZJgvUfj0eVKdudsE-0JaW0C9AVIslUsF9JteagBHSSaFQByoSxHHhOvxjGzNeLLeAMAQ1zDsmLXmbGS1ge9zjh66l-GCfq4LXdkUIvZaF_7J8Ayo5VsrmkQDSpsWyRXjymkda5vz8jidXiGDIINQDVudt5BXI_mVUkb7QLVSgvtD9Xe5d60j8903u4_UWqK8CFcHUS-DcNk0gwwpDKR84haLU0wk3KASwfp_wd5Tqta3TN7oMzbITYPxrjttbgpNKb9uUj3CpU2lQm9UOuQE10VEYUjpY0bwgQVLAg4Xg3AVBLJFX8F_DeA_ZsgRQbi0_veR1gogTxbdTU9FuK5iC0ZJ4AJHUf4DI7VH8Tn3HideHUc4uWuXTwqcEyD7QopjjyaVkvqvY62XddHazcHRuDl3wuGfjpahl7MpdmZTwNBi1-2epSEvV4bCHPYd3dsWj8AsEjF9fsj7vzS8XcGryBLDXxaDhp58GG4LGqj7DHMSaGD3Fa4Bki1p0rBYKwGn-g-3YBnJQhVHi8QpWC9spfp_rgPRHHN-K0O_xW4cqXBLMh6z_e5l4IO9bMlF6IejNmIyYC9Jq0gaBbFcHRYajwcu1nhqx25zmXtJj73_Od-ejGFvJ4eB8hb-qCAyAKOm1RNw2DIwx4SZFFdrzfeJ2xBGWqLsg9Fl1ljjDKWvZyl0ZwDROm-uAQjXmmnpvWIeYBCpWCx2kB9Z5MGYOmeaF01TWCuIMJWv8NCpiaYjyma1xmv4X7pEpxPDE8VcUF_ousJ9WKcfObaxdK3E3szuPx1uCQBwQ7Ig5xBdm2FyGkQJvEiKAteKjJ9oS4j9nuLUna4SeqeinwZ64swlzrJNiRbw6J3RK5wrCu-OLFyH9-y2JXYyWsvWWlzcgHIQWvLYfaBOLzWtm-FzvuOtOh_iBUxGPh-eBvX2B7i2tgSXVDdCS1jz5jOBmckZxUrq99E1UOuo1_t75uPhxyRSp6nzuPB-W-AbUp3czoRIKGQd5OXEMIiEqWvdZjEEoDIChS-PAWu5M53waTSQ2QOV2jZcxCzdniOHEKZEcFco0E7PdKOP6OpRxph4a-NiH1XbfZeXpJV6CVmdUS2PWpw3w4A5NWiJ_z7lsqUYNcefNY5wSv3hA4ebYGHs8ULfHTMfA2H2xQ9VwEFLDdNtc0ZLoIMvse9oZUO04dRM5Tdosea9GXibzxZJ9Yaqkvmz8WPbleHPzI5Gu4lwxzZJMYOLM3351YHUaFhXnLXekvSm4h9MPH3FaIZ_wW0g1hvxXQanpIo7qvmMvwRCKNgRausXItH7_7694vXDsT5DkQ9-TUTaTp-J1sp0OGnoHZugUV2JkWZs2kLoJH5xVJFFETWLcwR6cwJ62eE9KvWhQHj915iiVY0OGAAtEC1Bjjrw75Lt9Q_xFjZfcuiNtApr981fJQCGNPz4hm4Bo4UKzS74HUthnmKrxMmnBndO_3NKDn1mtsB9myXqfHea0lsM3Cm3SaPe3n-k-v-e94ziuUw8cj68KAVr4QXdo6rOd7VxdezFfjjfhBkkWknmZwGjykViIpU0G4yhiamAiaCH4-YXQ-Pp8mkgjCKmbKhp6rAJOS-pyCUxEAucyKcDtoPx-LfXWxubVE53rehbOkZFjE1fO5yZOujTBalEVWBHlHQ6WeAWgZ9DETrSyeUVQaOopXjTHzt9iPj4sUJwUTgJ_n5oTPof8ci73PI90lYRby6JTcA_rfA_bG5BXp_a2sKB9tNd4u9-aYr17-Nah81Ff-Ctx1CUvRhvaJEFqO6nfkrKS8f04nK8AwdxSlH5EtjOCGc07kIusmpYmHSqHySpnq6dAulzWU0h86Psarc0SDbR6q8uONW-oWxJduW7oTdzWXVid9rTZyZRa0h4VtrdKbfBcRLZKNDwRsq_20uiaucYLSKtUeqAuduSTcRV9RtXrmRIRDY3rkN09CZLNZZDvvkRIH_lBhgpQnSurBX-WqUPNJMdt9eC1xdnlKUN86j7YEXAPdD4ul1WebaH6Q377umruL4N5A7RvpBkHqX7w1kctqGZedwef8ka87O-Uk7k8IBWpdnyiXncefKR20UTU2YPrlqee-dpwkvxM72x_h2RLQVrsTb0k3G8FIyqLGYg5dUOzc1PNHpvGhqHXAS9P7QbHe77Z8yvIKKK0jRylu-kl6ev5hDVRfR8eiWK1BlggD4IKmFjYqNQtJRVTL2QCfwPb5h9xH6MJohfegqgUTsiJ1lZyfgpkPfWu9ihhiwp8UMh0UjsaWsjJGuiKF7Nk-VX4V6pvS45MgcbNkdJV7yRAR2FHmdDUEAy_9EtyoRFBZ5BYMTXySUY4J91beRYuBi3VDUmn6e1wGyhDtvDV5CPI5qCMTe5BZODHQlduL6JAeE3ritay6wYWcW53RPzD7EQH-_895TGFb4Jkfrugw9bDdYUTk8luvLOdu4552yW11s3BmrGpqye1RZT2V8Vj6rpMJEilyKXD3VQdXjN3vU80wxLQDW2IZczT1R0cXIEgLTnS7T0YlcZ8SxAMErDsylnEe4r_MQtNly-H4EyjLWiBM6lFZ7GMIiaQe7I7WXsIq8OWhxYrLsWbI4eWRlTDs4LAVWnTdhQRCyKbm1z_izvyyEzm4hjVz3kgfs-SAJ0v4aLmPmNCURa9Z7NAFtziKaL-8Q6P6u_Ew46zf8KuafcAfHtjLiyWoqFkj-ABYaAmcgOMMEuVXD9R8oSAOD1C15_7QU46SZLPgKkVyhHNgodcMLjX7PjcS-zJHPy1eDAlRi64mk3uzaUowHa9UEAxgCWEzN4LdUHmbKtf3tWPFSbIPLgfewjP-XEuHMEmcePwuUT6pDeh6X2Ry6cXDpPG85HanWRo5mjCALXU1-L7aGaoiV&cid=CAQSOwBygQiDzR7q3AV7EOfXgRhgdagW07NIaR16GQNv9vl6sC4mSm9IpeMp2NfpvX_x-GOKkwJyNh5fTCyhGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theyucatantimes.com&ds=l&xdt=1&iif=1&cor=4984099084858726000&adk=2476403952&idt=87&cac=0&dtd=9 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 189fbc508ec0e77b73b8a6c5e8f1387e45891cc526561f4cfc5b02638ddd0333 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39289 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 5117	135 KB 46 KB	100ms 100ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/adservices/v4/relapads.lite.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 855be877737db2a027922e96fe4f164815e73f47927575fff91cb3e1f0f90303 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47280 x-xss-protection 0 server cafe etag 8901096304833020165 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Thu, 18 May 2023 06:00:11 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/990511/61634099/ Frame C897	245 KB 74 KB	212ms 57ms	Script application/javascript	52.215.103.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/990511/61634099/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1724616865008460&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.theyucatantimes.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jDxAKQpW80dyA003uy97Gb Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-103-77.eu-west-1.compute.amazonaws.com Software / Resource Hash 249aaddaf534674c2f6a25565ab3262fb4933e1a53be89ffd3aa220948f8edfd Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame C897	106 KB 37 KB	126ms 39ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ Origin https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 09:27:13 GMT content-encoding gzip x-content-type-options nosniff age 73978 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 09:27:13 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230516/r20110914/elements/html/ Frame C897	11 KB 4 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230516/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2O-pEu-RTJYZCTDlllNUYtsM6sWtM1MQvbTd1hPPb_3OIENukeUWs26_bwB7WKBvo81cl_NNuHd75bUs0Kj5uYwq-urEBYq-vW_dtwHA5AGNZ5HoMG2eKZZLkf-8bd1Kj316F8UQGoB2Vxnn5NU9Xm6Exhg73nQtgDrrOI7OL4dYVta0&dbm_d=AKAmf-BtRmWINLxk84JW5uzS95f3A-kKANWPpu7_VJeWhL1ES8ZVE-K-wO071jUTy98MdvrA7U9J_wN7F5dDW3_p3_CALQ3XnKKXv6vbn50c4NMzgNYHHx_jZ2BzR6pYa9qDZRi0e4FCG38r2rq2HrvC3WBelxKWD9vAm1dLbHx9cO1-C6JPXSGFgGSLU4VYExSAI0joHMiU4jUe4nhhuK4YzTQSrgN9U0PjAAdvbLTMb9uUz4cv90zqe_I-4uR87Z6mbLyoGBRjzf5EiDbJzWX1Ct-7LdyDjNBIACERwyujVjj-vbcISzDVE_0e4dkWnCzBmtAU0oHHCAwaXs1k7NL8NFuLOFVMy7WgUOXNj8omrJihNsnk9BVbdpURVcuWNiTvRgcqHIpQ2wL2xxhrhm5TUCD5Ygt-xK62eQrADN1e0e85G4ZalUAJbPb3ULMrt943qcnejbya5lW-iKcypwd8ODkOUOW1oN1FFw5JPlmn0zGbQpaa0kZJrKWn2bR9WYFxme4ZQ4ZCHWbL0AVTE4gE_RCLie9S-6vnykvyNZbilFiTmRmGQdNGTvjF7pXLjxDQ0XtkzHqMqMbtXG_G8wKKPscgP4h_dUCGD-o4XdSrMFaP1Pt0B8ylGWAvXXXakLGgDxOsTf3dQFUvt9uP_daK3eS8Yy374pVK5h4RdFH-WUvtjd-FbYHueqIWwSlJMv1SfVWtvpkEt7P3zZJgvUfj0eVKdudsE-0JaW0C9AVIslUsF9JteagBHSSaFQByoSxHHhOvxjGzNeLLeAMAQ1zDsmLXmbGS1ge9zjh66l-GCfq4LXdkUIvZaF_7J8Ayo5VsrmkQDSpsWyRXjymkda5vz8jidXiGDIINQDVudt5BXI_mVUkb7QLVSgvtD9Xe5d60j8903u4_UWqK8CFcHUS-DcNk0gwwpDKR84haLU0wk3KASwfp_wd5Tqta3TN7oMzbITYPxrjttbgpNKb9uUj3CpU2lQm9UOuQE10VEYUjpY0bwgQVLAg4Xg3AVBLJFX8F_DeA_ZsgRQbi0_veR1gogTxbdTU9FuK5iC0ZJ4AJHUf4DI7VH8Tn3HideHUc4uWuXTwqcEyD7QopjjyaVkvqvY62XddHazcHRuDl3wuGfjpahl7MpdmZTwNBi1-2epSEvV4bCHPYd3dsWj8AsEjF9fsj7vzS8XcGryBLDXxaDhp58GG4LGqj7DHMSaGD3Fa4Bki1p0rBYKwGn-g-3YBnJQhVHi8QpWC9spfp_rgPRHHN-K0O_xW4cqXBLMh6z_e5l4IO9bMlF6IejNmIyYC9Jq0gaBbFcHRYajwcu1nhqx25zmXtJj73_Od-ejGFvJ4eB8hb-qCAyAKOm1RNw2DIwx4SZFFdrzfeJ2xBGWqLsg9Fl1ljjDKWvZyl0ZwDROm-uAQjXmmnpvWIeYBCpWCx2kB9Z5MGYOmeaF01TWCuIMJWv8NCpiaYjyma1xmv4X7pEpxPDE8VcUF_ousJ9WKcfObaxdK3E3szuPx1uCQBwQ7Ig5xBdm2FyGkQJvEiKAteKjJ9oS4j9nuLUna4SeqeinwZ64swlzrJNiRbw6J3RK5wrCu-OLFyH9-y2JXYyWsvWWlzcgHIQWvLYfaBOLzWtm-FzvuOtOh_iBUxGPh-eBvX2B7i2tgSXVDdCS1jz5jOBmckZxUrq99E1UOuo1_t75uPhxyRSp6nzuPB-W-AbUp3czoRIKGQd5OXEMIiEqWvdZjEEoDIChS-PAWu5M53waTSQ2QOV2jZcxCzdniOHEKZEcFco0E7PdKOP6OpRxph4a-NiH1XbfZeXpJV6CVmdUS2PWpw3w4A5NWiJ_z7lsqUYNcefNY5wSv3hA4ebYGHs8ULfHTMfA2H2xQ9VwEFLDdNtc0ZLoIMvse9oZUO04dRM5Tdosea9GXibzxZJ9Yaqkvmz8WPbleHPzI5Gu4lwxzZJMYOLM3351YHUaFhXnLXekvSm4h9MPH3FaIZ_wW0g1hvxXQanpIo7qvmMvwRCKNgRausXItH7_7694vXDsT5DkQ9-TUTaTp-J1sp0OGnoHZugUV2JkWZs2kLoJH5xVJFFETWLcwR6cwJ62eE9KvWhQHj915iiVY0OGAAtEC1Bjjrw75Lt9Q_xFjZfcuiNtApr981fJQCGNPz4hm4Bo4UKzS74HUthnmKrxMmnBndO_3NKDn1mtsB9myXqfHea0lsM3Cm3SaPe3n-k-v-e94ziuUw8cj68KAVr4QXdo6rOd7VxdezFfjjfhBkkWknmZwGjykViIpU0G4yhiamAiaCH4-YXQ-Pp8mkgjCKmbKhp6rAJOS-pyCUxEAucyKcDtoPx-LfXWxubVE53rehbOkZFjE1fO5yZOujTBalEVWBHlHQ6WeAWgZ9DETrSyeUVQaOopXjTHzt9iPj4sUJwUTgJ_n5oTPof8ci73PI90lYRby6JTcA_rfA_bG5BXp_a2sKB9tNd4u9-aYr17-Nah81Ff-Ctx1CUvRhvaJEFqO6nfkrKS8f04nK8AwdxSlH5EtjOCGc07kIusmpYmHSqHySpnq6dAulzWU0h86Psarc0SDbR6q8uONW-oWxJduW7oTdzWXVid9rTZyZRa0h4VtrdKbfBcRLZKNDwRsq_20uiaucYLSKtUeqAuduSTcRV9RtXrmRIRDY3rkN09CZLNZZDvvkRIH_lBhgpQnSurBX-WqUPNJMdt9eC1xdnlKUN86j7YEXAPdD4ul1WebaH6Q377umruL4N5A7RvpBkHqX7w1kctqGZedwef8ka87O-Uk7k8IBWpdnyiXncefKR20UTU2YPrlqee-dpwkvxM72x_h2RLQVrsTb0k3G8FIyqLGYg5dUOzc1PNHpvGhqHXAS9P7QbHe77Z8yvIKKK0jRylu-kl6ev5hDVRfR8eiWK1BlggD4IKmFjYqNQtJRVTL2QCfwPb5h9xH6MJohfegqgUTsiJ1lZyfgpkPfWu9ihhiwp8UMh0UjsaWsjJGuiKF7Nk-VX4V6pvS45MgcbNkdJV7yRAR2FHmdDUEAy_9EtyoRFBZ5BYMTXySUY4J91beRYuBi3VDUmn6e1wGyhDtvDV5CPI5qCMTe5BZODHQlduL6JAeE3ritay6wYWcW53RPzD7EQH-_895TGFb4Jkfrugw9bDdYUTk8luvLOdu4552yW11s3BmrGpqye1RZT2V8Vj6rpMJEilyKXD3VQdXjN3vU80wxLQDW2IZczT1R0cXIEgLTnS7T0YlcZ8SxAMErDsylnEe4r_MQtNly-H4EyjLWiBM6lFZ7GMIiaQe7I7WXsIq8OWhxYrLsWbI4eWRlTDs4LAVWnTdhQRCyKbm1z_izvyyEzm4hjVz3kgfs-SAJ0v4aLmPmNCURa9Z7NAFtziKaL-8Q6P6u_Ew46zf8KuafcAfHtjLiyWoqFkj-ABYaAmcgOMMEuVXD9R8oSAOD1C15_7QU46SZLPgKkVyhHNgodcMLjX7PjcS-zJHPy1eDAlRi64mk3uzaUowHa9UEAxgCWEzN4LdUHmbKtf3tWPFSbIPLgfewjP-XEuHMEmcePwuUT6pDeh6X2Ry6cXDpPG85HanWRo5mjCALXU1-L7aGaoiV&cid=CAQSOwBygQiDzR7q3AV7EOfXgRhgdagW07NIaR16GQNv9vl6sC4mSm9IpeMp2NfpvX_x-GOKkwJyNh5fTCyhGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theyucatantimes.com&ds=l&xdt=1&iif=1&cor=4984099084858726000&adk=2476403952&idt=87&cac=0&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 16:46:44 GMT content-encoding br x-content-type-options nosniff age 47607 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4122 x-xss-protection 0 server cafe etag 11429739870029468282 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 16:46:44 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame C897	28 KB 11 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2O-pEu-RTJYZCTDlllNUYtsM6sWtM1MQvbTd1hPPb_3OIENukeUWs26_bwB7WKBvo81cl_NNuHd75bUs0Kj5uYwq-urEBYq-vW_dtwHA5AGNZ5HoMG2eKZZLkf-8bd1Kj316F8UQGoB2Vxnn5NU9Xm6Exhg73nQtgDrrOI7OL4dYVta0&dbm_d=AKAmf-BtRmWINLxk84JW5uzS95f3A-kKANWPpu7_VJeWhL1ES8ZVE-K-wO071jUTy98MdvrA7U9J_wN7F5dDW3_p3_CALQ3XnKKXv6vbn50c4NMzgNYHHx_jZ2BzR6pYa9qDZRi0e4FCG38r2rq2HrvC3WBelxKWD9vAm1dLbHx9cO1-C6JPXSGFgGSLU4VYExSAI0joHMiU4jUe4nhhuK4YzTQSrgN9U0PjAAdvbLTMb9uUz4cv90zqe_I-4uR87Z6mbLyoGBRjzf5EiDbJzWX1Ct-7LdyDjNBIACERwyujVjj-vbcISzDVE_0e4dkWnCzBmtAU0oHHCAwaXs1k7NL8NFuLOFVMy7WgUOXNj8omrJihNsnk9BVbdpURVcuWNiTvRgcqHIpQ2wL2xxhrhm5TUCD5Ygt-xK62eQrADN1e0e85G4ZalUAJbPb3ULMrt943qcnejbya5lW-iKcypwd8ODkOUOW1oN1FFw5JPlmn0zGbQpaa0kZJrKWn2bR9WYFxme4ZQ4ZCHWbL0AVTE4gE_RCLie9S-6vnykvyNZbilFiTmRmGQdNGTvjF7pXLjxDQ0XtkzHqMqMbtXG_G8wKKPscgP4h_dUCGD-o4XdSrMFaP1Pt0B8ylGWAvXXXakLGgDxOsTf3dQFUvt9uP_daK3eS8Yy374pVK5h4RdFH-WUvtjd-FbYHueqIWwSlJMv1SfVWtvpkEt7P3zZJgvUfj0eVKdudsE-0JaW0C9AVIslUsF9JteagBHSSaFQByoSxHHhOvxjGzNeLLeAMAQ1zDsmLXmbGS1ge9zjh66l-GCfq4LXdkUIvZaF_7J8Ayo5VsrmkQDSpsWyRXjymkda5vz8jidXiGDIINQDVudt5BXI_mVUkb7QLVSgvtD9Xe5d60j8903u4_UWqK8CFcHUS-DcNk0gwwpDKR84haLU0wk3KASwfp_wd5Tqta3TN7oMzbITYPxrjttbgpNKb9uUj3CpU2lQm9UOuQE10VEYUjpY0bwgQVLAg4Xg3AVBLJFX8F_DeA_ZsgRQbi0_veR1gogTxbdTU9FuK5iC0ZJ4AJHUf4DI7VH8Tn3HideHUc4uWuXTwqcEyD7QopjjyaVkvqvY62XddHazcHRuDl3wuGfjpahl7MpdmZTwNBi1-2epSEvV4bCHPYd3dsWj8AsEjF9fsj7vzS8XcGryBLDXxaDhp58GG4LGqj7DHMSaGD3Fa4Bki1p0rBYKwGn-g-3YBnJQhVHi8QpWC9spfp_rgPRHHN-K0O_xW4cqXBLMh6z_e5l4IO9bMlF6IejNmIyYC9Jq0gaBbFcHRYajwcu1nhqx25zmXtJj73_Od-ejGFvJ4eB8hb-qCAyAKOm1RNw2DIwx4SZFFdrzfeJ2xBGWqLsg9Fl1ljjDKWvZyl0ZwDROm-uAQjXmmnpvWIeYBCpWCx2kB9Z5MGYOmeaF01TWCuIMJWv8NCpiaYjyma1xmv4X7pEpxPDE8VcUF_ousJ9WKcfObaxdK3E3szuPx1uCQBwQ7Ig5xBdm2FyGkQJvEiKAteKjJ9oS4j9nuLUna4SeqeinwZ64swlzrJNiRbw6J3RK5wrCu-OLFyH9-y2JXYyWsvWWlzcgHIQWvLYfaBOLzWtm-FzvuOtOh_iBUxGPh-eBvX2B7i2tgSXVDdCS1jz5jOBmckZxUrq99E1UOuo1_t75uPhxyRSp6nzuPB-W-AbUp3czoRIKGQd5OXEMIiEqWvdZjEEoDIChS-PAWu5M53waTSQ2QOV2jZcxCzdniOHEKZEcFco0E7PdKOP6OpRxph4a-NiH1XbfZeXpJV6CVmdUS2PWpw3w4A5NWiJ_z7lsqUYNcefNY5wSv3hA4ebYGHs8ULfHTMfA2H2xQ9VwEFLDdNtc0ZLoIMvse9oZUO04dRM5Tdosea9GXibzxZJ9Yaqkvmz8WPbleHPzI5Gu4lwxzZJMYOLM3351YHUaFhXnLXekvSm4h9MPH3FaIZ_wW0g1hvxXQanpIo7qvmMvwRCKNgRausXItH7_7694vXDsT5DkQ9-TUTaTp-J1sp0OGnoHZugUV2JkWZs2kLoJH5xVJFFETWLcwR6cwJ62eE9KvWhQHj915iiVY0OGAAtEC1Bjjrw75Lt9Q_xFjZfcuiNtApr981fJQCGNPz4hm4Bo4UKzS74HUthnmKrxMmnBndO_3NKDn1mtsB9myXqfHea0lsM3Cm3SaPe3n-k-v-e94ziuUw8cj68KAVr4QXdo6rOd7VxdezFfjjfhBkkWknmZwGjykViIpU0G4yhiamAiaCH4-YXQ-Pp8mkgjCKmbKhp6rAJOS-pyCUxEAucyKcDtoPx-LfXWxubVE53rehbOkZFjE1fO5yZOujTBalEVWBHlHQ6WeAWgZ9DETrSyeUVQaOopXjTHzt9iPj4sUJwUTgJ_n5oTPof8ci73PI90lYRby6JTcA_rfA_bG5BXp_a2sKB9tNd4u9-aYr17-Nah81Ff-Ctx1CUvRhvaJEFqO6nfkrKS8f04nK8AwdxSlH5EtjOCGc07kIusmpYmHSqHySpnq6dAulzWU0h86Psarc0SDbR6q8uONW-oWxJduW7oTdzWXVid9rTZyZRa0h4VtrdKbfBcRLZKNDwRsq_20uiaucYLSKtUeqAuduSTcRV9RtXrmRIRDY3rkN09CZLNZZDvvkRIH_lBhgpQnSurBX-WqUPNJMdt9eC1xdnlKUN86j7YEXAPdD4ul1WebaH6Q377umruL4N5A7RvpBkHqX7w1kctqGZedwef8ka87O-Uk7k8IBWpdnyiXncefKR20UTU2YPrlqee-dpwkvxM72x_h2RLQVrsTb0k3G8FIyqLGYg5dUOzc1PNHpvGhqHXAS9P7QbHe77Z8yvIKKK0jRylu-kl6ev5hDVRfR8eiWK1BlggD4IKmFjYqNQtJRVTL2QCfwPb5h9xH6MJohfegqgUTsiJ1lZyfgpkPfWu9ihhiwp8UMh0UjsaWsjJGuiKF7Nk-VX4V6pvS45MgcbNkdJV7yRAR2FHmdDUEAy_9EtyoRFBZ5BYMTXySUY4J91beRYuBi3VDUmn6e1wGyhDtvDV5CPI5qCMTe5BZODHQlduL6JAeE3ritay6wYWcW53RPzD7EQH-_895TGFb4Jkfrugw9bDdYUTk8luvLOdu4552yW11s3BmrGpqye1RZT2V8Vj6rpMJEilyKXD3VQdXjN3vU80wxLQDW2IZczT1R0cXIEgLTnS7T0YlcZ8SxAMErDsylnEe4r_MQtNly-H4EyjLWiBM6lFZ7GMIiaQe7I7WXsIq8OWhxYrLsWbI4eWRlTDs4LAVWnTdhQRCyKbm1z_izvyyEzm4hjVz3kgfs-SAJ0v4aLmPmNCURa9Z7NAFtziKaL-8Q6P6u_Ew46zf8KuafcAfHtjLiyWoqFkj-ABYaAmcgOMMEuVXD9R8oSAOD1C15_7QU46SZLPgKkVyhHNgodcMLjX7PjcS-zJHPy1eDAlRi64mk3uzaUowHa9UEAxgCWEzN4LdUHmbKtf3tWPFSbIPLgfewjP-XEuHMEmcePwuUT6pDeh6X2Ry6cXDpPG85HanWRo5mjCALXU1-L7aGaoiV&cid=CAQSOwBygQiDzR7q3AV7EOfXgRhgdagW07NIaR16GQNv9vl6sC4mSm9IpeMp2NfpvX_x-GOKkwJyNh5fTCyhGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theyucatantimes.com&ds=l&xdt=1&iif=1&cor=4984099084858726000&adk=2476403952&idt=87&cac=0&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 16:46:49 GMT content-encoding br x-content-type-options nosniff age 47602 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11001 x-xss-protection 0 server cafe etag 16383942900985251592 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 16:46:49 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame C897	41 KB 15 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 04:43:57 GMT content-encoding gzip x-content-type-options nosniff age 90974 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 May 2024 04:43:57 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C065	1 KB 643 B	39ms 39ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 52943 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 17 May 2023 15:17:48 GMT etag 48472445140208031 expires Thu, 18 May 2023 15:17:48 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame C897	221 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 38cf46fa40d9cff8d3fccc5a33a1443f8e0235be865343e28e8b91c5a59a8f98 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/png
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/ Frame 5117	355 KB 120 KB	116ms 115ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dd0ddcdb9c3a64bba2ded0a18cc987bc6d93f334e97dfb59474dd548e54f8259 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122595 x-xss-protection 0 server cafe etag 16812954881666793610 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 18 May 2023 06:00:11 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 0393	10 KB 4 KB	39ms 39ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 29519 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 17 May 2023 21:48:13 GMT etag 15057649708203361565 expires Wed, 31 May 2023 21:48:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 64AE	22 KB 8 KB	39ms 39ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 90599 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 17 May 2023 04:50:13 GMT expires Thu, 16 May 2024 04:50:13 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame C065	0 104 B	203ms 81ms	Image text/plain	2a02:fa8:8806:12::1400 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECr51k-BFZYRuIwFz7M9CxY&google_cver=1&google_push=ATf1kGOyZC9X7NJZIyUl4KnBpK1T7rcdujj2IhXh4c7uC5gMx-T_Afqb93l75IB02a71hHJzYYIIUXUHOc6PSRIFUov6v-8fyalSEg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame C065 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED1e-dKVvE8nVWQoYG9hu7Q&google_cver=1&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk7PdtmpwKYz2zCA	170 B 188 B	50ms 49ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk7PdtmpwKYz2zCA Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 18 May 2023 06:00:12 GMT Server MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGM0uMPe_U6dS9pHLub22vMcK9hGkDvOO96Tt5gIxrrGb9hkgP4H-hVqHyQBOVPbfx2Y43fPjkaeer_7ilgk7PdtmpwKYz2zCA P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Thu, 18 May 2023 06:00:11 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame C065	70 B 265 B	172ms 57ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHdCvVGpq3TDKa9XT2ElbOQ&google_cver=1&google_push=ATf1kGPyQe7xk2-X1jg6X4oHxuAKQx-qw_3G3jTd7FVh38YNVNwOM2U2ICJlFhHt1GV5DP1TOx_jjPHL1H7wJJPWam-bI5FvWUxa Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 18 May 2023 06:00:12 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame C065 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDgVm81ybSobUamEs2kAc2w&google_cver=1&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlW... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDM5ODI5NzI2NTk5Mzg2Nw%3D%3D&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlWt9Dh...	170 B 188 B	51ms 50ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDM5ODI5NzI2NTk5Mzg2Nw%3D%3D&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlWt9DhdNn7nFw5fq-g Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDM5ODI5NzI2NTk5Mzg2Nw%3D%3D&google_push=ATf1kGMKasu_SQuzQoS-hpFPSRDeJL-beWU6nfarU01C4_eRsFsUd238DByhNr40_z-0BonTnw4xV4uFt7KTlWt9DhdNn7nFw5fq-g Date Thu, 18 May 2023 06:00:12 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame C065	43 B 363 B	118ms 39ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPR8rG8UH8lIcdjdQYCayeY&google_cver=1&google_push=ATf1kGMdH-i2tbXwyeWvSw25a6jWMwmDd_IQiYGC2Vqr3rTgspQwTkTTZsMWehiANRnZa2KZUxy9yzhPbrYWYB0siLfO2yKzeLrs7Q Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:11 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 220291 expires Thu, 18 May 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C065 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjAnZLKnHM7Mlc1t9tRq1M&google_cver=1&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrH... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhTUTMwVEEtMVctRTZaWQ==&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrHVbyc5VzzT6UUJdEsoaGA0sq-yMw	170 B 188 B	52ms 51ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhTUTMwVEEtMVctRTZaWQ==&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrHVbyc5VzzT6UUJdEsoaGA0sq-yMw Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhTUTMwVEEtMVctRTZaWQ==&google_push=ATf1kGNoyjYvEXIgZhX-2gyXDECAdWJa8pEOPmf1gbcFMCzfcr2zf73cHoeXjwcxcgysSo6WGrHVbyc5VzzT6UUJdEsoaGA0sq-yMw Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 704c1e4d3fcc922a3031d436b584678b Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame C065 Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-VzBlH37qugq5fkI0bsZw&google_cver=1&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEI-VzBlH37qugq5fkI0bsZw&google_cver=1&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw&google_hm=GqiItGZHN_wPBtFcR9qD...	170 B 188 B	50ms 50ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw&google_hm=GqiItGZHN_wPBtFcR9qDGEUe Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 18 May 2023 06:00:12 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMS_M3E7dJlVahoIfpL7A7fiVmOBlQ3yHx1r1ls9DNqZcMxRltQgDEwAAN0pNpwfI2gAxf8QTOKoQCwOhRqr-S09zjTLiXTfw&google_hm=GqiItGZHN_wPBtFcR9qDGEUe Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap5ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame C065	0 12 B	48ms 48ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kg5-kJmBsCwQNm33BTrHlmtY-8TymP8dsOfXSF5VfeJpoinE8VuewQymtdetByH6XzEahg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/17425118478164857034/ Frame 4B11	144 KB 23 KB	126ms 43ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17425118478164857034/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c38c9c0ad13cfe2d9e7eafb46ae69f40fa031efce5570266087babf59a7660 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 419639 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 23058 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 13 May 2023 09:26:13 GMT expires Sun, 12 May 2024 09:26:13 GMT last-modified Thu, 24 Feb 2022 10:20:47 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C897	0 0	190ms 91ms	Fetch image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssznBP6YqQ8x7AkPqM5B9hOxILUKPmEz09j6APQ9fqf5F-ZbBCYMU_r2e_MY91bfqVgpKNj-rEFVz9-5C7IOSfNXEhMMFPjmbnP_2EvzxIRUUJL0wN4ZMsgr3-sP3kqu6JXtU5Ofcxr-8JyIn6bXr7ffir_ut62zMTdlVXwz2WKI2h2COG9QvnBnrpfTXP5VccOI5h-eMiEAJ42lFFx5uUYmYfup5Re7vPT6ItjRS8x-RVmjBA2b1--Z_sTzXdvFtb14QQz0saAfdLAfounA3qI3DAutlNOeJDCVAFNQzhPy_cPx3HuW9SCiZkVvK9CvmIqkanO0MyITJ8_Du-8glRf0JpZFRWN8ETUP9sIsGuSTG2VbJD7ypQAj2c6FjZYLnQP1y_ZBNFsjU8hdd6QuMqTcDdpNbjkbZeIC64V2OV2wVltk_8eIRhBgtsSlSs9NgMAmBabp83GcOAm3I6uBRLX_jZvnDo_hS6RNg4tnAD07ipC1cnh7B9dwpt8MgMNrQHJuZjKqx0Ahlgi7YX0bWSDJ_EVCUSOdt1Rg8Sqo2P1_mrEPxlUJueUbZGQeyCQsQjOlt7OeuIAKsvmoG8AtgswRqKH744FbbvrlSZV8j3ZNUKlCImOHeZonh0zewu0vubsX9dgnLMv4h2u9dGhPTUWjOn2BO0CrOLVJGh5BzLOgvvMflqiN9s67_P6G37nBWqKp6gNWfEQIcyScz2bbIw5EiDCNpNHedtfRMIWP8iNAn5DFfvh3f12Le9fAdktyAs9ONE8mCbIqZ93mea_DCxFqV_gPmVcb1INDFZ1JvjNno_YoYBU0-cBs76kcd-kBSigawSBvPc4vAm1ZKUdX4kUNNTGTVNelA_wgkZxgUzPz1HISCKfW1FEvCpLOO1oRojT6EccyTLGtDfZu_7D4CKujfGSO3lnWgeXMMo2b7gQAdhRm8Urg7i1OoZiGZ6Lk8CSgwqPGUcGlFdA3YjrjZEiYt_gMmKq6vQf9CCXhLC_xhY5WZhIb__KMv_PZIWcfZB6-0yQ-bRdpegrb6IdpkmwufRq9ajdqduVXx8jRQr7PrnYLl77Dxsd_YuyIurB_f_XlyDZ5W4lQZaEfd-og_HzgZ3QnJGcaiPvFMbAwSwDntRgtsTX7m8dxsSz7oHBqdJNRSPzWHLfDKluebuieUXS8lPS-rmqH5F5z5yueLZ5sk1JwNb_7WRohzh6eE6zuvw9BtNCaa9S2MvAaOXLVl6HAxIdBKoG_gy44KVOmJR4W_IaZwB7y6lU5by7r2H2-sL-f8mzMhwFnqX0lYaUmuhWrtiM7UJgq2aSstOQ39nFf3us8BNwx8Jt9jPtimx6KWyIrarRDcFzhrhYM2JYw5XyBs0RxGWN-g2L8G4Hcm3qxCtr&sai=AMfl-YTAFNp1BwdUowrRUPfMDjFX8rqytEsKheBm8KCTMWmFPw7tTZC_phJhIqvWRBaiAOt9sRjucib_a06IEhqvXnarTf1fvE9ObXVVCrIDyBnNY9_DjGYL3hqHHhcp524Z9Xx_9KXWHxQfrhwBC1VnpV7wuj_vCXWQiTuct5Vn7t6_tagVT9lc4lltzpFfKOztZdjpXWcDGweCfhq0mZ2P12vXaldAuRMUBarjuTUGrggZ8Ne-cYPev91qjq-PuQZIrd5J&sig=Cg0ArKJSzHex_1oG4rPQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=180&cisv=r20230516.06646&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 18 May 2023 06:00:12 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 18 May 2023 06:00:12 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6EBB	0 0	77ms 76ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=728358751427467&bg=!BQalBlLNAAYldGN0BXQ7ADkAdvg8WvJ34g4OAmGfF2E4YeCasbUB4T0ZoEb2A13ciobmBKoELmB_C3vjYSTOIM7DzfI4RuXNKcECAAABC1IAAAACaAEHmQLRuv7h-PjQdfIZBgSGFUVFkOe1pryWVQ9BM384qguCiOrJfkthwv86Pbn2cy0cadRhZ6reZJUPkQAy8oE43H0qFQO-zIPUHCg80vBJuPmiNOVYfeuA6geVvJVE0kQC0M9rySgP_VpBAPE95vQzTT5JGgdHr_6H18UoCe9QZSKsEh3MDJol-nhZuYfXSz3tOX8VpvuQGjYM2tZ1OUdyy2sQQM21jeVs9vhAWQ5BUsNndufWYJZppn42iVl-nald_oMLVZz7pe3xU_VYUBXPAnePDRlVo_3qldYhhfFhD5ENAcPeMsW29EOlq_aIuOTKtWZoFsLZXFYU2S8JwOJV-BUUfrbKE5hBOBEEwxCl2QZuaCrrq6coXMrmsXUUceiHtB6FOJUPvaaZHvBKwlKW26owNB0KEwNwHur5ZjiWtS7Q6eufIuwI_GIaRzhuClsKMA_S7YWAmfW4usnRKqWj4X8vaARllb7gTTf9CHzOgMhwDAZQBPHJooHmcmse22TQs65LsYgOekUPP3YMLYEF24OEyF0Io_vEURz5zR8Kqg8UYNGtPgHZ__s4OjCpP88t9M03Ay3mgriMMFFohAo5A-OBRR7ZWMpzfEQoI637m085TShwsFoEHp-_hUgl3pvCSeB9QAnDa0mDnOAfpzjzp2bt3HZVMe8lMVp_CdDO4mpVhkjrDb0pT1CdvPEhH7fDWMA-FUx7cRNndgUI-vHRiL-ZwLRNKnWlAocweodOXoQVXe4cs1-XaseWnAibdKxWhhnEMsjuzKr4vDwUQnXfsEqx_WNgtECWn-JqmY0JdYEyGcGcb5NEBiTuUMnh8MsK-uAeh63jcS7048sTjZphHIBg4nbBb9VIBIpz_OclaUic01kHSPAvw9Y6DsG432NO26hphbmukdDk_7lA3pS-sYjIuRwEFc8qHjuupa5d5RIaf8Z51SED4xvtRleD5nT9YE0wwg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H3	200	s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response pagead2.googlesyndication.com/bg/ Frame 64AE	37 KB 14 KB	58ms 58ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 16 May 2023 18:29:53 GMT content-encoding br x-content-type-options nosniff age 127819 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14579 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 May 2024 18:29:53 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 5117	223 B 557 B	151ms 49ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.theyucatantimes.com&callback=_gfp_s_&client=ca-pub-8469965667274063&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8e6d4461397d8a358abb28fb633aeb06984694b98a6aece15fe18618f8b5945a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame 5117	107 B 122 B	49ms 49ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 5117	107 B 122 B	50ms 50ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.theyucatantimes.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2E2A	134 KB 41 KB	834ms 833ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0dfd9e842e15d604fc0348ac48b4beec37af9a53488e5cfb00853d685455c6e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 42293 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 5117	15 KB 11 KB	57ms 56ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2ffaab5c7679e72f00007d8a85ebd50b5da83e9740ca076d72f83272e8b42d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11255 x-xss-protection 0
GET H3	200	DcmEnabler_01_247.js Show response s0.2mdn.net/879366/ Frame 4B11	29 KB 10 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 03:57:24 GMT content-encoding gzip x-content-type-options nosniff age 7368 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10136 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 May 2023 03:57:24 GMT
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame C897 Redirect Chain https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-1724616865008460&ias_chanId=1&ias_placementId=19422215943&bidurl=https://www.theyucatantim... https://static.adsafeprotected.com/4.js	1 KB 1 KB	78ms 49ms	Script application/javascript	2600:9000:223f:c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 2600:9000:223f:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-amz-version-id qG0gavlQiEpwK9AKo.qb12YTK3AnJXCR content-encoding gzip via 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront) date Mon, 15 May 2023 20:43:28 GMT x-amz-cf-pop FRA56-P5 age 206205 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status PENDING last-modified Mon, 08 May 2023 20:43:25 GMT server AmazonS3 etag W/"33dffa7df253125904b2f354b5bb5e8d" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id _e5brFelKIPZ4TLbx2HUhO0fdHDF3KO2zG3sBuwdvCK_V_kP_cYOCg== Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name app12.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame F25E	91 KB 23 KB	128ms 45ms	Script application/javascript	2600:9000:223f:c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 21 Sep 2022 15:36:17 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 20615036 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id pmxh_Ipnmdfprohp9HUOpNxzj9HuJEuCv3O7hGwIncfQQ6pA5P5P1A==
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 5117	17 KB 6 KB	58ms 58ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8469965667274063&plah=www.theyucatantimes.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 18 May 2023 06:00:12 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame C897	43 B 216 B	379ms 118ms	Image image/gif	2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c5403296-ca31-277c-9077-e5ab1f9cb40c&tv=%7Bc:cWwGKc,pingTime:-3,time:60,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEAn9IE+11%7C121%7C122%7C123*.990511-61634099%7C1231%7C1232%7C12331%7C1234%7C131%7C132,idMap:123*,rmeas:1,rend:0,renddet:na,siq:29%7D&br=c Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name dt06.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame C897	43 B 215 B	380ms 122ms	Image image/gif	2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c5403296-ca31-277c-9077-e5ab1f9cb40c&tv=%7Bc:cWwGKd,pingTime:-6,time:61,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:61,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEAn9IE+11%7C121%7C122%7C123*.990511-61634099%7C1231%7C1232%7C12331%7C1234%7C131%7C132,idMap:123*,rmeas:1,rend:0,renddet:na,siq:29%7D&tpiLookup=ao:www.theyucatantimes.com*%2Cwww.theyucatantimes.com*&br=c Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name dt03.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame C897	43 B 215 B	371ms 121ms	Image image/gif	2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c5403296-ca31-277c-9077-e5ab1f9cb40c&tv=%7Bc:cWwGKn,pingTime:-2,time:71,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:787,beZ:788,mfA:790,cmA:792,inA:792,inZ:796,prA:796,prZ:806,si:814,poA:815,poZ:837,cmZ:837,mfZ:837,loA:847,loZ:849,ltA:857,ltZ:857%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEAn9IE+11%7C121%7C122%7C123*.990511-61634099%7C1231%7C1232%7C12331%7C1234%7C131%7C132,idMap:123*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:29,sinceFw:42,readyFired:true%7D&br=c Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name dt04.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame C897	0 0	79ms 78ms	Fetch image/gif	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssznBP6YqQ8x7AkPqM5B9hOxILUKPmEz09j6APQ9fqf5F-ZbBCYMU_r2e_MY91bfqVgpKNj-rEFVz9-5C7IOSfNXEhMMFPjmbnP_2EvzxIRUUJL0wN4ZMsgr3-sP3kqu6JXtU5Ofcxr-8JyIn6bXr7ffir_ut62zMTdlVXwz2WKI2h2COG9QvnBnrpfTXP5VccOI5h-eMiEAJ42lFFx5uUYmYfup5Re7vPT6ItjRS8x-RVmjBA2b1--Z_sTzXdvFtb14QQz0saAfdLAfounA3qI3DAutlNOeJDCVAFNQzhPy_cPx3HuW9SCiZkVvK9CvmIqkanO0MyITJ8_Du-8glRf0JpZFRWN8ETUP9sIsGuSTG2VbJD7ypQAj2c6FjZYLnQP1y_ZBNFsjU8hdd6QuMqTcDdpNbjkbZeIC64V2OV2wVltk_8eIRhBgtsSlSs9NgMAmBabp83GcOAm3I6uBRLX_jZvnDo_hS6RNg4tnAD07ipC1cnh7B9dwpt8MgMNrQHJuZjKqx0Ahlgi7YX0bWSDJ_EVCUSOdt1Rg8Sqo2P1_mrEPxlUJueUbZGQeyCQsQjOlt7OeuIAKsvmoG8AtgswRqKH744FbbvrlSZV8j3ZNUKlCImOHeZonh0zewu0vubsX9dgnLMv4h2u9dGhPTUWjOn2BO0CrOLVJGh5BzLOgvvMflqiN9s67_P6G37nBWqKp6gNWfEQIcyScz2bbIw5EiDCNpNHedtfRMIWP8iNAn5DFfvh3f12Le9fAdktyAs9ONE8mCbIqZ93mea_DCxFqV_gPmVcb1INDFZ1JvjNno_YoYBU0-cBs76kcd-kBSigawSBvPc4vAm1ZKUdX4kUNNTGTVNelA_wgkZxgUzPz1HISCKfW1FEvCpLOO1oRojT6EccyTLGtDfZu_7D4CKujfGSO3lnWgeXMMo2b7gQAdhRm8Urg7i1OoZiGZ6Lk8CSgwqPGUcGlFdA3YjrjZEiYt_gMmKq6vQf9CCXhLC_xhY5WZhIb__KMv_PZIWcfZB6-0yQ-bRdpegrb6IdpkmwufRq9ajdqduVXx8jRQr7PrnYLl77Dxsd_YuyIurB_f_XlyDZ5W4lQZaEfd-og_HzgZ3QnJGcaiPvFMbAwSwDntRgtsTX7m8dxsSz7oHBqdJNRSPzWHLfDKluebuieUXS8lPS-rmqH5F5z5yueLZ5sk1JwNb_7WRohzh6eE6zuvw9BtNCaa9S2MvAaOXLVl6HAxIdBKoG_gy44KVOmJR4W_IaZwB7y6lU5by7r2H2-sL-f8mzMhwFnqX0lYaUmuhWrtiM7UJgq2aSstOQ39nFf3us8BNwx8Jt9jPtimx6KWyIrarRDcFzhrhYM2JYw5XyBs0RxGWN-g2L8G4Hcm3qxCtr&sai=AMfl-YTAFNp1BwdUowrRUPfMDjFX8rqytEsKheBm8KCTMWmFPw7tTZC_phJhIqvWRBaiAOt9sRjucib_a06IEhqvXnarTf1fvE9ObXVVCrIDyBnNY9_DjGYL3hqHHhcp524Z9Xx_9KXWHxQfrhwBC1VnpV7wuj_vCXWQiTuct5Vn7t6_tagVT9lc4lltzpFfKOztZdjpXWcDGweCfhq0mZ2P12vXaldAuRMUBarjuTUGrggZ8Ne-cYPev91qjq-PuQZIrd5J&sig=Cg0ArKJSzHex_1oG4rPQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=426&vt=11&dtpt=243&dett=3&cstd=180&cisv=r20230516.06646&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 18 May 2023 06:00:12 GMT
GET H3	200	cta_jetzt_buchen.svg s0.2mdn.net/creatives/assets/4331440/ Frame 4B11	2 KB 1 KB	41ms 41ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:58:32 GMT content-encoding gzip x-content-type-options nosniff age 100 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1056 x-xss-protection 0 last-modified Wed, 13 Oct 2021 09:19:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:13:32 GMT
GET H3	200	logo_flextarif.svg s0.2mdn.net/creatives/assets/4331440/ Frame 4B11	3 KB 1 KB	42ms 41ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:58:55 GMT content-encoding gzip x-content-type-options nosniff age 77 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1288 x-xss-protection 0 last-modified Thu, 21 Oct 2021 13:24:58 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:13:55 GMT
GET H3	200	head2_3line_paare.svg s0.2mdn.net/creatives/assets/4453672/ Frame 4B11	11 KB 3 KB	43ms 42ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:53:59 GMT content-encoding gzip x-content-type-options nosniff age 373 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3285 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:20 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:08:59 GMT
GET H3	200	head1_1line_paare.svg s0.2mdn.net/creatives/assets/4453672/ Frame 4B11	4 KB 2 KB	43ms 43ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:56:11 GMT content-encoding gzip x-content-type-options nosniff age 241 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1610 x-xss-protection 0 last-modified Tue, 08 Feb 2022 09:12:24 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:11:11 GMT
GET H3	200	tui_logo_live_happy.svg s0.2mdn.net/creatives/assets/4364511/ Frame 4B11	6 KB 2 KB	60ms 59ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:58:52 GMT content-encoding gzip x-content-type-options nosniff age 80 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2072 x-xss-protection 0 last-modified Mon, 08 Nov 2021 07:44:21 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:13:52 GMT
GET H3	200	300x600_kv_paar.jpg s0.2mdn.net/creatives/assets/4453672/ Frame 4B11	37 KB 37 KB	43ms 43ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4453672/300x600_kv_paar.jpg Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fec1d82b204775d2e2ff9fae80da6c932e9a5dbf9fea4e4e9bdfdf48e5dc2eeb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17425118478164857034/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 05:55:40 GMT x-content-type-options nosniff age 272 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38190 x-xss-protection 0 last-modified Fri, 11 Feb 2022 09:52:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 06:10:40 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C545	13 KB 5 KB	42ms 42ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1233 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 18 May 2023 05:39:39 GMT expires Fri, 17 May 2024 05:39:39 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame D6D3	783 B 536 B	53ms 53ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9ba9f81301727830afb3ee53747b7ea4c0deb8604b04769ee6963a7d3ce3fd28 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w2a99gpMz4L5R5slJ0B_JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-w2a99gpMz4L5R5slJ0B_JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:12 GMT expires Thu, 18 May 2023 06:00:12 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	dt dt.adsafeprotected.com/ Frame C897	43 B 215 B	315ms 122ms	Image image/gif	2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c5403296-ca31-277c-9077-e5ab1f9cb40c&tv=%7Bc:cWwGLh,time:127,type:e,im:%7Bpci:%7Btdr:56%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:127,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEAn9IE+11%7C121%7C122%7C123*.990511-61634099%7C1231%7C1232%7C12331%7C1234%7C131%7C132,idMap:123*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29%7D&br=c Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 64AE	0 20 B	76ms 76ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJucV675lZK7fJ4_mx_AP1a-LqAYAAAAAOAHgBAI&bg=!enmleS3NAAZ8_aWmXP07ADkAdvg8Wh0Ku3e1xG9AICEuJdgTgE2s1L_Wp_uQ7YGQWOic-iQrG33CXebUy38Zz5Gidokfm2J0YDwCAAAA0FIAAAACaAEHmQMR2dv09mCctNXCBeJavCMvp1qa2YiAD9U-L11jPWWaYpQGlsW590zGNAt3_l8rKGlWLCYZJxmTK39fZFrZMcbqXcPfY6cjBAHRsBgJNGZnthY3vrgrwuWD0QbhDB4ZjQGg0ZlNRfsPUzzWw5eCsxG6RLXaF6JOsnMVzfYH63BaMkmWcaYn-YGv-TPb1xuqPAqWjh3v8nlYuIhy8_JbW1u9ie1l2sVq5EY-s8K4y3XJK2s-9uQDVuCeJdqGZUsZZVyxc0Q6Z_l-SnK9e7T4OwKFNKf4eQGC0fFlQHsAf2BVeIBlNt-puYg3rvbTef6wtlVyQJRpxW6qa8Xf04LvVlsara3ZLmrXgNs_MP4FWQliRZIqYZalH5Wvj54p0zTZpmAT1yeMwMbEMwgeQf3d0KBBW0g1b16CAw10G6nSTF6W7wVVmfiuj-ZcYhQb4S4pqenfaSWqr6TPebE9Udni3DYGqvt0XsAzAcJUlpkn6m5Ouw6sDgp_jp8poMGBdB3ZIbjGV7oXriN7VmG9VcZ2mIjJMfebehUX-Sbq5_cIEZGSLQdi3wrMDG2kqEVx8KPXJ62B9cjpOqnPULao8eDr0CyfzXbuwHt-ErXZk8hA33kcpZo6zvu-24ym77lAaAY_6bRE_yTWVSOlQLSFqSoxtIkY9dpeRFutQGAwI1f7AdmR8NWG-N3yyHgnE_0RemVczb7vQMPChPXSyXjncDVBKsanVxldP4Nh_JD3YkhvsRlam5xc2Pmk1nAGERGfiWZ1L7QKqxPIzLAs8hD3qn978APWEiE3so7iN8Z-ig4b6v_CgZ_pKqX7ltreEu1SmYGT6czkldpWEhfXVQBUvMjPhabcaYC5wsh7-gp4EpPAKsgy4UfAupo46Rs_7R-SX-xbXrxoXbuNkBNyv0uHiBWW0dyg8DUhmNuTg7Oi2WrzS42_vFBYYYYsb0N7Q6sWHI62qE_ei8tHfIX92kTXgE0wWTZR3xDo1Ck-TPbwgYX6D-q-bU5DH6A-hTJbo4KnMQ6IzX7iidvOzwe-zkBTvAY-OkTQPDM Requested by Host: 9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com URL: https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response pagead2.googlesyndication.com/bg/ Frame C545	37 KB 14 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 09:01:20 GMT content-encoding br x-content-type-options nosniff age 75532 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14771 x-xss-protection 0 last-modified Mon, 08 May 2023 09:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 09:01:20 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D6D3	0 0	75ms 75ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4328064580764035&rc= Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C897	0 20 B	73ms 73ms	Ping image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=675lZK7fJ4_mx_AP1a-LqAY&p=ias&bl=0&twt=553&st=408 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C545	0 10 B	40ms 40ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?v8MD3A Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:12 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	dt dt.adsafeprotected.com/ Frame C897	43 B 215 B	119ms 118ms	Image image/gif	2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c5403296-ca31-277c-9077-e5ab1f9cb40c&tv=%7Bc:cWwGR6,pingTime:-10,time:488,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684389612707%7C%7C58ee1d96e393866b8b6fa562ab0701c9%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Ccaf4aa39b10f3c75d66a12276d194d20%7C%7Cea8ff535c8e48725a5b391148ba1ac2b%7C%7Cca51e4eb76e58cd8c00aabf971b53ff0%7C%7Cf2113dfbe3628e8309b4c9cd0da824eb%7C%7Cb80ba8a44ec3a00f045aedfadce263d5%7C%7C1663701684%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd -, , ASN (), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://9d9339c269c1d3dedaf279a218bc042d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:12 GMT server nginx x-server-name dt14.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	b67ddf7035d34f0f80245eeba475c95e.image p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/e9c391e7d10a4e21b2373a1f42a598a2_1676675954~tplv-dmt-logom:tos-useast5-i-0068-tx/ Frame C204	99 KB 100 KB	483ms 116ms	Image image/jpeg	23.223.209.197
General Check archive.org Show headers Download Go to Show image Full URL https://p16-sign.tiktokcdn-us.com/tos-useast5-p-0068-tx/e9c391e7d10a4e21b2373a1f42a598a2_1676675954~tplv-dmt-logom:tos-useast5-i-0068-tx/b67ddf7035d34f0f80245eeba475c95e.image?x-expires=1684411200&x-signature=loXCqdn5xd2KVkHvUrLvvV%2F3mbc%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.223.209.197 -, , ASN (), Reverse DNS Software nginx / ImageX Resource Hash e483016dfeb0c0c7cbd15cad8f5bde953cf3fd8e9d5c1b398e4eaf07abc0c96f Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:13 GMT x-tt-trace-tag id=16;cdn-cache=hit;type=static nw-session-id 202305150253185857BB8DC4C774EB32DAxbv2s41ff x-powered-by ImageX x-cache TCP_MEM_HIT from a23-215-187-197.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) x-bdcdn-cache-status TCP_MISS x-parent-response-time 228,23.55.235.36 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=174 x-length 101739 content-length 101739 last-modified Mon, 15 May 2023 02:53:19 GMT server nginx x-tt-logid 202305150253185857BB8DC4C774EB32DA x-response-date Mon, 15 May 2023 02:53:19 GMT content-type image/jpeg access-control-allow-origin * nw-session-trace 2023-05-15T02:53:19.000761066Z 170 cache-control max-age=31265661 x-origin-response-time 191,23.222.242.180 x-tt-trace-host 019e381058931638db50d318cb539c5c9ae9328d088a9735364849a63987cdd60606ae907117bd6f632dab90ffc661510a8cdf4954f1674f3a3cbf7eae30e9c434fe7981fb36c96048cff668ef83b25ee09645759b9e324553302e69162fb2257715407623d9199e5f012fb4b9d3e8140cafd162ef257db2251f9ffc60461ed4a4 imagex-fmt jpeg2jpeg timing-allow-origin *
GET H2	200	img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame C204	576 B 1 KB	40ms 40ms	Image image/svg+xml	184.24.77.6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/img-embed-previous-ad15e871ecc7afadf24624d1f5681da5.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.77.6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-6.deploy.static.akamaitechnologies.com Software / Resource Hash 6793fa2f8d1a76e1ff51f8a83ecf5aa7ebbdc5f422196c1cdcda31f496d4d41e Request headers accept-language de-DE,de;q=0.9 Referer https://www.tiktok.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-akamai-request-id adf9915 date Thu, 18 May 2023 06:00:12 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static x-check-cacheable YES content-md5 rRXocezHr63yRiTR9WgdpQ== x-cache TCP_MEM_HIT from a23-54-207-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=HIT, edge; dur=0 storage-tier Standard content-length 353 last-modified Wed, 15 Feb 2023 18:35:48 GMT opc-request-id iad-1:mIvH4TAExtFE40b8XY8vWvoa9zRoeLJn0cAWf7l_Y-FupPlyZmDQj9SQGwbYzqD3 x-api-id native etag 7e6b492f-0a96-45cf-a030-6eeabb053877 vary Accept-Encoding access-control-allow-methods POST,PUT,GET,HEAD,DELETE,OPTIONS content-type image/svg+xml version-id 4787b98a-728b-40d5-a2e2-6bad1fd5302b access-control-allow-origin * access-control-expose-headers accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id cache-control max-age=2592000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * expires Sat, 17 Jun 2023 06:00:12 GMT
GET H/1.1	206 Partial Content	/ v16-web-newkey.tiktokcdn.com/948322a00b716be74e53a6b2d0d844be/64661399/video/tos/maliva/tos-maliva-ve-0068c799-us/ed41d19c23e6476f997056975db42aad/ Frame C204	3 MB 0	41ms 41ms	Media video/mp4	2.16.238.134 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://v16-web-newkey.tiktokcdn.com/948322a00b716be74e53a6b2d0d844be/64661399/video/tos/maliva/tos-maliva-ve-0068c799-us/ed41d19c23e6476f997056975db42aad/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=2236&bt=1118&cs=0&ds=3&ft=ApKJEBeUq8Zmo8tfac_vjXEtfAhLrus&mime_type=video_mp4&qs=0&rc=ZDc7ZDs3NTM0Ojg8MzpnPEBpanNtdjc6ZngzaTMzZzczNEAwXy80Yy1jXl4xNF5fMmBhYSNobC9zcjRnaWxgLS1kMS9zcw%3D%3D&l=2023051806001062AC0AE42794F307CF51&btag=e00080000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.238.134 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-238-134.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Referer https://www.tiktok.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Range bytes=0- Response headers X-Akamai-Request-ID 11b30623 Date Thu, 18 May 2023 06:00:12 GMT X-Expires-MS 1684124286359 x-tt-trace-tag id=16;cdn-cache=hit;type=static X-Cache TCP_HIT from a2-16-237-134.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) X-Bdcdn-Cache-Status TCP_HIT Content-Range bytes 0-11056088/11056089 X-Parent-Response-Time 110,2.16.237.82, 117,23.15.177.12 Connection keep-alive Server-Timing cdn-cache; desc=HIT, edge; dur=1, inner; dur=3 Content-Length 11056089 X-Storagegw-Request-Id 202305150254431DC92FB441D0649E1A3A X-Akamai-Cache-Status edge_hit Last-Modified Fri, 17 Feb 2023 23:19:51 GMT Server nginx X-TT-LOGID 20230515041804CADF4054D40E40B2A2BF ETag "CIr3/ObYnf0CEAE=" Content-Type video/mp4 Access-Control-Allow-Origin * X-Storagegw-Response-Time Mon, 15 May 2023 02:54:44 GMT Cache-Control max-age=15281749 X-Origin-Response-Time 25,23.43.56.127 x-tt-trace-host 011e2550de962c6da3fb84818154db39c35f3820967c2157b0e5f9a70d7053a2af9766dadf7eedb23c009363efb1d7748bb32e0458a6c282aeed5be123b2456b2422afe0d96751bf051963cb4af786d4e4efad248debecff4d61c31caadd016007db90b671f5ba3d71bdd131282b3661b41850ed9d6a59255c8d64c0f77d074a448ec1c50ccdbfae3cd772e47ce81b86bb Accept-Ranges bytes
POST H2	204	/ Show response mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame C204	0 858 B	170ms 169ms	XHR application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers x-akamai-request-id 783641d.1ca0b7e6 date Thu, 18 May 2023 06:00:13 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-parent-response-time 125,95.101.54.239 cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=MISS, edge; dur=103, origin; dur=26, inner; dur=5 server nginx x-tt-logid 202305180600122EFE4D9D278DFA9898BA x-cache-remote TCP_MISS from a23-43-56-151.deploy.akamaitechnologies.com (AkamaiGHost/11.1.0-48603064) (-) access-control-max-age 600 access-control-allow-methods POST, OPTIONS, GET content-type application/json; charset=utf-8 access-control-allow-origin * x-origin-response-time 26,23.43.56.151 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede00d8fe4626942866792b19ce4ab34636512cbe46e5fcb5bf1224989979673798af6fc9b48379293cf63255602e4f155705abe9199067bd957990fb3ebc559ba2102861bd7df7446b93ec2de031c2265a5f access-control-allow-headers Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 1077	281 B 554 B	136ms 40ms	Document text/html	23.56.202.187
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Thu, 18 May 2023 06:00:13 GMT ETag "40010-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame C191	52 KB 17 KB	187ms 43ms	Document text/html	23.35.236.188
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.relappro.com URL: https://cdn.relappro.com/resources/js/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.188 -, , ASN (), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.theyucatantimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 18 May 2023 06:00:13 GMT ETag "623de86a-cf34" Expires Fri, 19 May 2023 06:00:15 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding
OPTIONS H2	204	/ mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame	0 0	138ms 137ms	Preflight	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-headers Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV access-control-allow-methods POST, OPTIONS, GET access-control-allow-origin * access-control-max-age 600 cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:12 GMT server nginx server-timing cdn-cache; desc=MISS, edge; dur=82, origin; dur=15 inner; dur=4 x-akamai-request-id 31d764b6.1ca0b787 x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-cache-remote TCP_MISS from a23-43-56-159.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-origin-response-time 15,23.43.56.159 x-parent-response-time 97,95.101.54.239 x-tt-logid 2023051806001153678FFD4D93A79C3CB4 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede002385a8f28a92b02361903644c7497afff3e90db86f028400aa7b8cab09a2586fffcd5f9d72bad3b8ef8935137319a6a984c706b7037ae0e00d2ab41c446c1b9ed53fbe77ec7a8d3e15ead97193759aff x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
OPTIONS H2	204	/ mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame	0 0	137ms 136ms	Preflight	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.tiktok.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-headers Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV access-control-allow-methods POST, OPTIONS, GET access-control-allow-origin * access-control-max-age 600 cross-origin-resource-policy cross-origin date Thu, 18 May 2023 06:00:13 GMT server nginx server-timing cdn-cache; desc=MISS, edge; dur=83, origin; dur=13 inner; dur=3 x-akamai-request-id 1fb6bc2.1ca0b7df x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-cache-remote TCP_MISS from a23-43-56-110.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-origin-response-time 13,23.43.56.110 x-parent-response-time 96,95.101.54.239 x-tt-logid 202305180600127ACBAD288300E1AC2927 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede00d5722f008b915af2645f91d843b658e76f9aafd03cfb5f7d4b5728b60d241e1e8a55792a453a49c8a0fe1e60d93763b7b8de0573e4bfd64907f412112dd3745f x-tt-trace-tag id=16;cdn-cache=miss;type=dyn
POST H2	204	/ Show response mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame C204	0 859 B	145ms 144ms	XHR application/json	95.101.54.243 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed Requested by Host: sf16-secsdk.ttwstatic.com URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.54.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-54-243.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.tiktok.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-Type application/json Response headers x-akamai-request-id 17736a59.1ca0b831 date Thu, 18 May 2023 06:00:13 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-54-239.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) x-parent-response-time 104,95.101.54.239 cross-origin-resource-policy cross-origin server-timing cdn-cache; desc=MISS, edge; dur=85, origin; dur=19, inner; dur=5 server nginx x-tt-logid 20230518060012EB2AA5F0036595991756 x-cache-remote TCP_MISS from a23-43-56-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48141169) (-) access-control-max-age 600 access-control-allow-methods POST, OPTIONS, GET content-type application/json; charset=utf-8 access-control-allow-origin * x-origin-response-time 19,23.43.56.175 x-tt-trace-host 0151bb0d5f93350975933dde147b0a4689779de1f0bea24392c2b0b4dc680ede00a2f3828889fcb854776d890fac41a4aac6815661348098f116d10f0ba1ad56a77262f7b11a6f73bec28a08e536bba0ddcf82d3588f995ff903935c7cc9aba3fe1fd6164eaed4a894e33360efe19b2452 access-control-allow-headers Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
GET H2	200	css fonts.googleapis.com/ Frame 2E2A	9 KB 1 KB	50ms 50ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 18 May 2023 06:00:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 18 May 2023 04:51:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 18 May 2023 06:00:13 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2E2A	2 KB 765 B	40ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 18:30:59 GMT content-encoding br x-content-type-options nosniff age 41354 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 18:30:59 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 2E2A	0 0	87ms 87ms	Fetch text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C45sa7L5lZNCiDcTamLAP9v6y0A6TpfSlaqTGtd2IEb-v1JO6AhABIKKF60dgleqkgrAHoAGDh7DMKMgBCakCFz8CjpEysj6oAwHIA8sEqgTmAU_Qs4Dx0fQWJTSqp5lzT8-I8eKcDbeh8a66WkgUPGYUrCvWap_sSt9ZwTmBGAIf4ir7El8dQ6zr5RukglqXEclgvwBYhssULyu3LTZMzoyWFhLSH5Q1LaW9LBBf8qZ9pWbJEO6erg4JNLeO9_kFFTB74PisKfqjIa22ieV0MpqstearhSExp6nFezqe2YpfSp6Ux1LpfYrEDYzM3d7gC0YVgx1IGsmJ0jPAGi8Ks_U0a8DR8zhN_PNBGvKodROyRe33HFTD6lwzDMYov9D04Z9H0cYnZCkK-JuJ1CWxvXwaNdZwz3QXwASw266bgASSBQQIBBgBkgUECAUYBKAGLoAHg7-ArAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCGwT3SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBOIBNgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDY5OTY1NjY3Mjc0MDYzGAA&sigh=3Q8k1ec4FSA&uach_m=[UACH]&cid=CAQSOwBygQiDcFg-WvcXzyhghHARoyfM_CBGKMkd7F_n_Z8hk6EeTkr2tZSDAfWgmoaNm9beQ_DAackIXnbsGAE&template_id=520 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 18 May 2023 06:00:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	400	data=8bGSxl0O0JI_D-lGukXzcIef9LLukIJ3hFGGzS1D7aO8lT9VfyjmAznDuWLtQKM9RRCcwtCxJD3vglDbaQN-Pg mts0.google.com/vt/ Frame 2E2A	0 0	159ms 49ms	Image text/html	2a00:1450:4001:82f::200e
General Check archive.org Show headers Download Go to Show image Full URL https://mts0.google.com/vt/data=8bGSxl0O0JI_D-lGukXzcIef9LLukIJ3hFGGzS1D7aO8lT9VfyjmAznDuWLtQKM9RRCcwtCxJD3vglDbaQN-Pg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 2E2A	297 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2E2A	336 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2E2A	462 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2E2A	465 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/ Frame 2E2A	22 KB 9 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 17:46:57 GMT content-encoding br x-content-type-options nosniff age 43996 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8780 x-xss-protection 0 server cafe etag 16540081610679671253 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 17:46:57 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2E2A	3 KB 1 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 17:47:01 GMT content-encoding br x-content-type-options nosniff age 43992 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 17:47:01 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/ Frame 2E2A	19 KB 8 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230516/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 17:47:01 GMT content-encoding br x-content-type-options nosniff age 43992 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7953 x-xss-protection 0 server cafe etag 16153819885643670827 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 31 May 2023 17:47:01 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 2E2A	0 0	47ms 47ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAEyNSE0ZgMWK0Wfg1dkSBtxZGaRQSXZNzGQf3BdnQLqi05aXZg3gBiZAfpQb0LHiv1bRnxgztGDwvOgN7HLZKFTPNVg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2E2A	170 KB 53 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53893 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1684322484769956" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 06:00:13 GMT
GET H2	200	a0d8c68f3de0718362c8759993c4ce7f.js Show response www.gstatic.com/mysidia/ Frame 2E2A	32 KB 14 KB	127ms 40ms	Script text/javascript	2a00:1450:4001:827::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 12 May 2023 20:46:22 GMT content-encoding gzip x-content-type-options nosniff age 465231 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13639 x-xss-protection 0 last-modified Fri, 12 May 2023 20:16:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 10 Aug 2023 20:46:22 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 5117	0 0	76ms 76ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4328064580764035&bg=!_f6l_qrNAAYldGN0BXQ7ADkAdvg8Wp6NLlDI6sVWHqsoLSkXsJAsnEZnQ4Z0RoYJneebnNKR24YUMhqJ-U0p-7RnzXk9aPmmNnsCAAAAb1IAAAADaAEHCgBUGXUB0zUDKYFTCbzhTcPhKylFJ1aURYfEFClvYuERaBGyr1F5iL1pRuYboIBj6nmgwlrBxJhy8TvySBhVSq2l7eOyfN_keNkgIcxkilwPfrFvuKurmQK9yFdDKawTEpM7F-0pnPZzdmS8_HvoziF2j_J4Ab2I-FwU9syBhaCsLGWpBf122zUGPdgrNXXvGE1C0-vRqD6L-NNamfIYg0YeunoqWF5g4ZpMf95Ci-nGhjRYjmNO4TmmPFSUUwCHiU9INebR6yFk0TbZzgSqzNFsBOgX__v2pBnXn5UkmX9gPhlnS7Gg_jtWKlotjmJtWG-8SEYvNTc1ySgvk50DrZUkJHuT8Qsg8o_Sc2NMKmG1l9adNrbCYAfxvIwAxnRkjqctnM1Bd929G01iJAWghp2H5BAcl6gkSZ_18VMKgtg3ywkZlXcEYAuDC7nHfURhhk2CrhVVqHgdGY6jNkWxt3Fesflez6fIoTSP-TwZwjrAMksltXinFg2PK7nU56_JpkJ4ow_QON1jHZG5kvJfo0TnXVyp94KtAKAQX59zp0YvWY0hEXh6bxQ0UYMlgUe5vB-Rjbl8QIt_bCuXvT8KZCFGbI_nTNwXbaS8pA0CqfKOUyZa9q_0rX41L3llM9dMpEwajwz0E2G3jHK8rfxMswvcBIn32CnWTkzThm8MzN5_d6r9OpSqNL_PYDccAgkHff_3wg-SwWv2kRI6Pa7K0Du1k3-Ef2KettptYkzbjBYGb70ZmOXzpY7d2zDNo9GMPpWVk8HTNRTrA5N_aXEml8nzBITzKSRQgG5CUb-F0OCGT2ixuqYZOtXfTljZodZVW5akXYtMwpR0DhU2t1ph02PE9WOOJxNbNo2s_nVeaw23fgLcqFtbSID_AjsY5TiwjlF3fTkKu_SgTEUry2SIsyWO1zSgAQBn3At1kPQFKWjgbl9MRHt4_rRNU4Yo1srcbhUIfjv_0R1UkjknoFkqG_5-QKQsKaHHR0y9De-TfjLgjPG7sTeMN5PUrYDSm6gzy1a5PRZjZg-lQEXcy5cuim_ZOG-Tqh0 Requested by Host: www.theyucatantimes.com URL: https://www.theyucatantimes.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.theyucatantimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame E06A	1 KB 643 B	39ms 39ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 52945 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 17 May 2023 15:17:48 GMT etag 48472445140208031 expires Thu, 18 May 2023 15:17:48 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 1077	34 KB 10 KB	45ms 44ms	Script text/html	23.56.202.187
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 6f5b3dd001d9cca535328dd513891a1528887d5f03de0f33d3e2c0957ef48f75 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Date Thu, 18 May 2023 06:00:13 GMT Content-Encoding gzip Last-Modified Wed, 17 May 2023 13:53:23 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28399 Connection keep-alive Content-Length 10021 Expires Thu, 18 May 2023 13:53:32 GMT
GET DATA	200 OK	truncated / Frame 2E2A	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 70a2ed655023ca12f7973d6e64086d5ee4d6b307ddfe968fdc1076b2dd869baa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v46/ Frame 2E2A	29 KB 29 KB	42ms 41ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Sat, 13 May 2023 05:24:40 GMT x-content-type-options nosniff age 434133 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29728 x-xss-protection 0 last-modified Mon, 03 Apr 2023 16:59:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 May 2024 05:24:40 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E06A Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEEXyI4DJAmzwYOUcfiItNc0&google_cver=1&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-uQqN9gpeZVzxopq... https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744E178FA9464C8A97B5F475B9785B7F&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-...	170 B 188 B	50ms 50ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744E178FA9464C8A97B5F475B9785B7F&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-uQqN9gpeZVzxopqNqQv6OAGgj-wlVGA8zrFYplCm81gHcNQwZ_os15MJA-A Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 18 May 2023 06:00:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744E178FA9464C8A97B5F475B9785B7F&google_push=ATf1kGNdpsMvzuF9XdzDn8Dc6emXDiLVrxgrJ0pwYEqyhi260QJEUb2RtByKPlC1wXQfxkRwICrvMAs_vpKt5h-uQqN9gpeZVzxopqNqQv6OAGgj-wlVGA8zrFYplCm81gHcNQwZ_os15MJA-A access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Wed, 17 May 2023 06:00:13 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E06A Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAtlGUp8gR3Ae2BZBJ9FGSA&google_cver=1&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAtlGUp8gR3Ae2BZBJ9FGSA&google_cver=1&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bS... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBz...	170 B 188 B	51ms 51ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBzsdPwLZxHNF6A&google_hm=SWo8E9fgQYOYjJx6ZEH9fQ== Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOun2Wgvo_NxW_lK5o0BssxJqo8aIavyzQQFSyRMV-mO20tNH64tGCFxGHDwUARl3JdewU96N-k-lA1bSUNYYLl-7Xgzlm962pQnnPFWNAo3E9uYjehtg3p3k_n2_MGBzsdPwLZxHNF6A&google_hm=SWo8E9fgQYOYjJx6ZEH9fQ== date Thu, 18 May 2023 06:00:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame E06A Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBBuVN8Su5p4xXviU-E3t_8&google_cver=1&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe_Yro85Kh5BrFZ5NDd9PZmdET3WFICZoOxSMPPe...	170 B 188 B	50ms 50ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe_Yro85Kh5BrFZ5NDd9PZmdET3WFICZoOxSMPPeCC2-_cgzCUjLQ&google_hm=eS11RV81UTVSRTJwSE1kTFBzWGxxLlhmZUJiVTRXXzAxc35B Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 18 May 2023 06:00:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNsLN0Da2drAXza2v_GK_R4Vo0RliUYULIv3RQW1DICp1Cr43behbLpk8I-0_I0CsqAQ8CupYF7erU5CbyAFftlUMe_Yro85Kh5BrFZ5NDd9PZmdET3WFICZoOxSMPPeCC2-_cgzCUjLQ&google_hm=eS11RV81UTVSRTJwSE1kTFBzWGxxLlhmZUJiVTRXXzAxc35B content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame E06A	43 B 362 B	40ms 39ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPR8rG8UH8lIcdjdQYCayeY&google_cver=1&google_push=ATf1kGMLjCQaHbg3yL_YHJHgqyxHDguHgzC9Wisru2mYiy_Le_e_-ResFpYVwbQ3w6xGiIZ_JeKzAQ76EbuiOkaBZuXaaQeACceXZkDG7fkvE7ZXNILA_OwfWmH_UtZsFPPkgtFnJ9v-G7Ip Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 217796 expires Thu, 18 May 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E06A Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENhKowvjZea4IaCiVFgwGFo&google_cver=1&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENhKowvjZea4IaCiVFgwGFo&google_cver=1&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3ODg2ODQ5OTQzNzMwODMxNg&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wd...	170 B 188 B	51ms 51ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3ODg2ODQ5OTQzNzMwODMxNg&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6pfpKZXemYNvHjJGlUmwlWFOaBG2e3DstbK7xoUZnTYNbvaAqEiYo3oqtpKplF4xFTQ Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk3ODg2ODQ5OTQzNzMwODMxNg&google_push=ATf1kGPhxXmO0LXSTCy9Pr7MpjGX4glLi9oPfFDPJUeHk2IGDx9qIMyvTUENrGGuhRb5HSbMY0h9wdw6pfpKZXemYNvHjJGlUmwlWFOaBG2e3DstbK7xoUZnTYNbvaAqEiYo3oqtpKplF4xFTQ access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame E06A	0 12 B	48ms 47ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IR-xgIzbkQPbVCdVCXwE8o4xCYw90__I4xSV-QNGGL1jAgRjm1a3FPTIc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame C191	0 858 B	56ms 56ms	Script text/html	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Pragma no-cache Date Thu, 18 May 2023 06:00:13 GMT AN-X-Request-Uuid 7909929c-36c0-4227-9ea0-0f2c61954d88 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.7.105; 80.255.7.105; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response pagead2.googlesyndication.com/bg/ Frame 67BB	37 KB 14 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8469965667274063&output=html&h=250&slotname=8176470741&adk=3855138840&adf=3279755399&pi=t.ma~as.8176470741&w=1200&fwrn=3&lmt=1684389612&rafmt=11&format=1200x250&url=https%3A%2F%2Fwww.theyucatantimes.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684389611968&bpp=3&bdt=150&idt=197&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&cookie=ID%3D41f6e454fa706896%3AT%3D1684389610%3AS%3DALNI_MYh5YnACR36LKh3ecqUyhljxV_BEQ&gpic=UID%3D00000c173785af5b%3AT%3D1684389610%3ART%3D1684389610%3AS%3DALNI_MbKivuojE0OepkO93dF7WOR9ylKuw&correlator=1844201850652&frm=23&ife=1&pv=2&ga_vid=1446387792.1684389609&ga_sid=1684389612&ga_hid=1220003614&ga_fc=1&nhd=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=296&biw=1600&bih=1200&isw=1200&ish=0&ifk=521989069&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788442%2C44789923%2C44791770&oid=2&pvsid=4328064580764035&tmod=1785545034&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=1&uci=1.fzo56y3kkob2&fsb=1&dtd=215 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 16 May 2023 18:29:53 GMT content-encoding br x-content-type-options nosniff age 127820 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14579 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 May 2024 18:29:53 GMT
GET H2	200	rubicon match.adsrvr.org/track/cmf/ Frame 1077	70 B 264 B	75ms 73ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/rubicon Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 18 May 2023 06:00:13 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET		dcm aax-eu.amazon-adsystem.com/s/ Frame 1077	0 0
GET		dcm s.amazon-adsystem.com/ Frame 1077	0 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 1077 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFy5eRDw0IXR0vcbsDs0eXY&google_cver=1	0 239 B	42ms 42ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFy5eRDw0IXR0vcbsDs0eXY&google_cver=1 Protocol HTTP/1.1 Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 704c1e4d3fcc922a3031d436b584678b P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFy5eRDw0IXR0vcbsDs0eXY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		sync.php pixel.rubiconproject.com/exchange/ Frame 1077 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhTUTMwVEEtMVctRTZaWQ== https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjAnZLKnHM7Mlc1t9tRq1M&google_cver=1	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 1077 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjUwNDViZGIwZDk4ZjNlZGEyYzY5NTVmMzBkOThmYWIyZjU4MmFmNA	170 B 188 B	74ms 74ms	Image image/png	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjUwNDViZGIwZDk4ZjNlZGEyYzY5NTVmMzBkOThmYWIyZjU4MmFmNA Protocol H3 Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers pragma no-cache date Thu, 18 May 2023 06:00:13 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjUwNDViZGIwZDk4ZjNlZGEyYzY5NTVmMzBkOThmYWIyZjU4MmFmNA Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 5b959e9b7aef6dd90a6fa539ca64ac62 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET		setuid px.ads.linkedin.com/ Frame 1077 Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHSQ30TA-1W-E6ZY	0 0
GET		QnMH8dBF_bKI7djdBL13Ssn5EUdSAgOZEtemQ7w0kco pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 1077 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/QnMH8dBF_bKI7djdBL13Ssn5EUdSAgOZEtemQ7w0kco?csrc=	0 0
POST		report mssdk-va.tiktok.com/web/ Frame C204	0 0
GET		flood-italy-396x377.jpg www.theyucatantimes.com/wp-content/uploads/2023/05/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aax-eu.amazon-adsystem.com

URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain

s.amazon-adsystem.com

URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain

pixel.rubiconproject.com

URL

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjAnZLKnHM7Mlc1t9tRq1M&google_cver=1

Domain

px.ads.linkedin.com

URL

https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHSQ30TA-1W-E6ZY

Domain

pr-bh.ybp.yahoo.com

URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/QnMH8dBF_bKI7djdBL13Ssn5EUdSAgOZEtemQ7w0kco?csrc=

Domain

mssdk-va.tiktok.com

URL

https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswVOQDaIDb5EtthcEPVeovgM

Domain

www.theyucatantimes.com

URL

https://www.theyucatantimes.com/wp-content/uploads/2023/05/flood-italy-396x377.jpg