jeonews.xyz Open in urlscan Pro
192.64.117.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jeonews.xyz/
Submission: On July 18 via api (July 18th 2023, 5:31:54 pm UTC) from US — Scanned from DE

Summary HTTP 188 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 10 countries across 30 domains to perform 188 HTTP transactions. The main IP is 192.64.117.79, located in United States and belongs to NAMECHEAP-NET, US. The main domain is jeonews.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 18th 2023. Valid for: a year.

This is the only time jeonews.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	192.64.117.79 192.64.117.79	22612 (NAMECHEAP...) (NAMECHEAP-NET)
10	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
8	104.16.122.91 104.16.122.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.129.46 104.17.129.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 15	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	18.195.75.15 18.195.75.15	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.28.142.138 52.28.142.138	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
188	23

22 192.64.117.79 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium192-2.web-hosting.com

jeonews.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.122.91 (None, )

ASN13335 (CLOUDFLARENET, US)

www.geo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.129.46 (None, )

ASN13335 (CLOUDFLARENET, US)

i.tribune.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

profit.pakistantoday.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pakistantoday.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.74.194 (Staten Island, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.75.15 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-75-15.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.142.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	678 KB
30	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	273 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com	349 KB
22	jeonews.xyz jeonews.xyz	480 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	9 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	449 KB
8	geo.tv www.geo.tv — Cisco Umbrella Rank: 63176	238 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	902 B
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
3	pakistantoday.com.pk profit.pakistantoday.com.pk www.pakistantoday.com.pk — Cisco Umbrella Rank: 840371
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2200	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1044	2 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	207 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	650 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5907	747 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	825 B
2	tribune.com.pk i.tribune.com.pk — Cisco Umbrella Rank: 218387	189 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	628 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 577	733 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	716 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	544 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	605 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	243 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	87 KB
0	onetag-sys.com Failed onetag-sys.com Failed
188	30

	Domain	Requested by
44	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	jeonews.xyz	jeonews.xyz
20	pagead2.googlesyndication.com	jeonews.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	cm.g.doubleclick.net	2 redirects jeonews.xyz googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com jeonews.xyz
12	fonts.gstatic.com	fonts.googleapis.com
10	www.gstatic.com	googleads.g.doubleclick.net
10	fonts.googleapis.com	jeonews.xyz googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
8	www.geo.tv	jeonews.xyz
4	sync.teads.tv	2 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	pm.w55c.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	pool.admedo.com	2 redirects
2	s.tribalfusion.com	jeonews.xyz
2	a.tribalfusion.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	profit.pakistantoday.com.pk	jeonews.xyz
2	i.tribune.com.pk	jeonews.xyz
1	www.pakistantoday.com.pk
1	match.adsrvr.org	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	jeonews.xyz
0	onetag-sys.com Failed	googleads.g.doubleclick.net
188	36

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
jeonews.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-05-18` - `2024-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
pakistantoday.com.pk E1	`2023-06-19` - `2023-09-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://jeonews.xyz/
Frame ID: AF5501B4B65CE4FFC9F382F649E11519
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html
Frame ID: 394080DE4F471589B8B08B91CD37241C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&adk=1812271804&adf=3025194257&lmt=1689701508&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fjeonews.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508731&bpp=7&bdt=795&idt=178&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7252566774430&frm=20&pv=2&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: 37D833D8F932DA3EEE91869686BECADC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=1675051392&adf=2592710718&pi=t.aa~a.4092920842~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701508&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508738&bpp=2&bdt=802&idt=203&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xtOh4CIstb&p=https%3A//jeonews.xyz&dtd=207
Frame ID: 1AFB45251D4C765A1A8F732028C3B5AF
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 3E40160E8D9828ADF7F66B59B88157C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28
Frame ID: B4E8AB06AF8A8817D06F4B31EB6D8857
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39
Frame ID: 1A8E623C9FFCDD1A14FB0A1DC5D75B4B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=3804773678&adf=3849035620&pi=t.aa~a.1564433801~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2543&idt=0&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=5&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=xX1Ro8x6Ug&p=https%3A//jeonews.xyz&dtd=50
Frame ID: F463452B12C6347A07C69032DC8826F6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1
Frame ID: CDAE9AD1C7D86342102530B078DF246F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6F8944279A4F5C906BC1449B011EA4C2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1
Frame ID: 23F851DB33A8B3FFCC17876956FE330A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8EDEBAB35E5E0747974BF21E41F577CF
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A02CA0DF5CF394287E1742F1353387D7
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: A71297B9DF75BDBC07E3E5684BB65AF9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: C0B3C89B7E64CA74AF60E8DFAABE74BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: C603E76CC64F1AB004F31B151425BAD6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: D0CDDB6E30D6BB6DC15A349E5F346AE4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A06C32E74F5419EF657AD92DDBA854D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7FB26E95C1D4007A3DF7201674C00656
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C6C6F1AF46215E94580FC1F08E51D24
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 0AA89DA55912448A0B81E4B9AA91ACC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: D23A60BA0D4540C31C74F4EEE2CAC9B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Frame ID: 8B19EBFF5DE59C04B166A67C865E4C97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF2AD42A2F8FC316C3CB157F0E3BC073
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E54EF163AF3AD552E49B093A38693AF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Jeo News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

188
Requests

92 %
HTTPS

47 %
IPv6

30
Domains

36
Subdomains

23
IPs

10
Countries

2755 kB
Transfer

7554 kB
Size

35
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/tagdiv
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/tagDivOfficial
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/tagDiv
Title: Subscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 138

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENry1FqE2aT-8sBiIXftzLs&google_cver=1&google_push=AaAOQGEVCD2W7NppzqrsHpwGGaiPxO4UEEt5ILyqADwbfpjONwDZU4bH6m6R8wzRiOlhOyyc1uaTzKaaOaLhZCrX770IDNKTDfcaow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENry1FqE2aT-8sBiIXftzLs&google_push=AaAOQGEVCD2W7NppzqrsHpwGGaiPxO4UEEt5ILyqADwbfpjONwDZU4bH6m6R8wzRiOlhOyyc1uaTzKaaOaLhZCrX770IDNKTDfcaow

Request Chain 139

https://um.simpli.fi/gp_match?google_gid=CAESENoISMtynicdDnua-u41C5E&google_cver=1&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRznykZ2BFav4gOJ01w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA65BC6E180A4619875A5B6DBCBE4FF6&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRznykZ2BFav4gOJ01w

Request Chain 140

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAmA_C9hnW72o4kbHmLpuP0&google_cver=1&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAmA_C9hnW72o4kbHmLpuP0&google_cver=1&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=8ecbee3a-cbf7-4c11-ad06-cc39498740c8 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=8ecbee3a-cbf7-4c11-ad06-cc39498740c8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=139d2f7a-84b6-4f29-9c2a-4ddc54a6ebe3&user_group=1&ssp=google&bsw_param=8ecbee3a-cbf7-4c11-ad06-cc39498740c8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y&google_hm=jsvuOsv3TBGtBsw5SYdAyA==

Request Chain 141

https://d5p.de17a.com/cookies/google?google_gid=CAESEAgszT2SYcZFEBPvHZCDfnw&google_cver=1&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAgszT2SYcZFEBPvHZCDfnw&google_cver=1&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA

Request Chain 163

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj014kTBRhojCeVuGwJEQjjdAbYyDanKpKcvYgCdvjgrMgaW8KK0hVC1tvO8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj014kTBRhojCeVuGwJEQjjdAbYyDanKpKcvYgCdvjgrMgaW8KK0hVC1tvO8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXF2VXBsRHUxUWxPeWI1&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj014kTBRhojCeVuGwJEQjjdAbYyDanKpKcvYgCdvjgrMgaW8KK0hVC1tvO8

Request Chain 164

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPovb0H4ndCBjoRO4Tm1NvE&google_cver=1&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrEKDk7JxFGCgSZmaLt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrEKDk7JxFGCgSZmaLt

Request Chain 165

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 167

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPZggAPMhZs9kPpcMSZh5rg&google_cver=1&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOWMrMoSNR96tUwfRHIaDhr9n3RI0IaUh-KxqF86MiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOWMrMoSNR96tUwfRHIaDhr9n3RI0IaUh-KxqF86MiA&google_hm=1I89VsgNTt2DTqT_RXgi1QM

Request Chain 168

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKYOG5kiulycmi_mC8q_-zY&google_cver=1&google_push=AaAOQGFSpO_9QE0eW0oEFqZqaxIvpiyvPBye-9w4VeiDspbZ7FJRJrE2_UoBDTNqVWo35dt3EEUViUL_v9W6PBU9yL87A00_iSBumbX0Gw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFSpO_9QE0eW0oEFqZqaxIvpiyvPBye-9w4VeiDspbZ7FJRJrE2_UoBDTNqVWo35dt3EEUViUL_v9W6PBU9yL87A00_iSBumbX0Gw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 173

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED0zSbREtGPPtOqx_im4fts&google_cver=1&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sXpmhDSNSZHn7m4bOvukPnGeD_j_BBaNzmSykm7_M72Vcw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sXpmhDSNSZHn7m4bOvukPnGeD_j_BBaNzmSykm7_M72Vcw&google_hm=DoX5tz5cO_djOXLu_rb-UQ

Request Chain 176

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiqhww60ShlpKqEq2_Ma9poZwINsolOQIjg&google_gid=CAESEJ82GVN6AfpzEYGNAhFgZ2Y&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiqhww60ShlpKqEq2_Ma9poZwINsolOQIjg&google_gid=CAESEJ82GVN6AfpzEYGNAhFgZ2Y&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MTgxNzMxNTEwMDAxNjYxMzA1NDE1Mg%3D%3D&google_push=AaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiqhww60ShlpKqEq2_Ma9poZwINsolOQIjg

Request Chain 178

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIi_AXhvhc_MkNcw0bDknOU&google_cver=1&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOcyZpH3KnE3J4vmr3TnpE90w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIi_AXhvhc_MkNcw0bDknOU&google_cver=1&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOcyZpH3KnE3J4vmr3TnpE90w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU1MTA1NjgzNTA2MjU5ODczOA&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOcyZpH3KnE3J4vmr3TnpE90w

Request Chain 179

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKYOG5kiulycmi_mC8q_-zY&google_cver=1&google_push=AaAOQGFUQb1z82a8g0ibPdJf9j50buQr1ezxkegpp7oaeC7CXOnfPoUY2OFI1OAC16tdCHcY0I-xKJjFLS7GPUyxOelADdpRnqn3vRs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFUQb1z82a8g0ibPdJf9j50buQr1ezxkegpp7oaeC7CXOnfPoUY2OFI1OAC16tdCHcY0I-xKJjFLS7GPUyxOelADdpRnqn3vRs HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

188 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jeonews.xyz/ 465 KB
73 KB 2939ms
2614ms Document
text/html 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 74508879b25f5851bc5c1f6a633d04d81fea1bec08b8a76256d69a5a13e2522a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 17:31:47 GMT
link: <https://jeonews.xyz/wp-json/>; rel="https://api.w.org/" <https://jeonews.xyz/wp-json/wp/v2/pages/39>; rel="alternate"; type="application/json" <https://jeonews.xyz/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
jeonews.xyz/wp-includes/css/dist/block-library/ 95 KB
12 KB 299ms
298ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Fri, 10 Mar 2023 10:52:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11775
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 classic-themes.min.css
jeonews.xyz/wp-includes/css/ 291 B
490 B 299ms
299ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Tue, 14 Feb 2023 07:20:20 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 291
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 style.css
jeonews.xyz/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 300ms
299ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4392
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 70ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4030e98dbf643d9fd052863c3621e1c78ff2b159188d4242afd4579b3f05b116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 15:50:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:48 GMT

GET
H2 200 style.css
jeonews.xyz/wp-content/themes/Newspaper/ 146 KB
24 KB 443ms
443ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/themes/Newspaper/style.css?ver=11.4
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:11:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23858
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 td_legacy_main.css
jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 155 KB
22 KB 445ms
445ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 22337
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 td_standard_pack_main.css
jeonews.xyz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
57 KB 446ms
446ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:19:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 58372
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 demo_style.css
jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/ 4 KB
1 KB 595ms
595ms Stylesheet
text/css 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/demo_style.css?ver=11.4
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 909
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 jquery.min.js Show response
jeonews.xyz/wp-includes/js/jquery/ 88 KB
30 KB 596ms
596ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 09 Mar 2023 05:07:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30376
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
jeonews.xyz/wp-includes/js/jquery/ 13 KB
5 KB 597ms
597ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Tue, 07 Feb 2023 07:29:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4603
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 99ms
66ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3867440639606058

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a16ccdb99bca0153bccbb954b46962356bdc071a58d7733828db586f8e3478b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51067
x-xss-protection: 0
server: cafe
etag: 14790864629340957139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
87 KB 75ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVT6RKQPV4

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

197cf909f035330d8557e636edba932ab1075eecefa426d312ff5d23e0a87d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 17:31:48 GMT

GET
H2 200 JN-2-1.png
jeonews.xyz/wp-content/uploads/2023/05/ 5 KB
5 KB 160ms
158ms Image
image/png 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeonews.xyz/wp-content/uploads/2023/05/JN-2-1.png
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: b2caf6225adfc43324a3170669c0fd6ec36c3188f257c7b3ce5636e876a2c9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 09:41:22 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5382
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 wp-emoji-release.min.js Show response
jeonews.xyz/wp-includes/js/ 18 KB
5 KB 161ms
159ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 11:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4651
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 l_490817_081536_updates.jpg
www.geo.tv/assets/uploads/updates/2023-06-02/ 37 KB
37 KB 416ms
380ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-06-02/l_490817_081536_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9a2eb21a6f07e0b195fc27e55ad81a4edb2a9ddfc8fddca7edad941b00ffe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=41004
x-cache: MISS
content-disposition: inline; filename="l_490817_081536_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 37666
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Jun 2023 15:15:36 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 791882019
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcdacabb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 492866_020638_updates.jpg
www.geo.tv/assets/uploads/updates/2023-06-13/ 10 KB
10 KB 388ms
351ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-06-13/492866_020638_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d79291be74710e91b42db8fe53359e9ea09a632bed3e39f991c295c4d9daacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=36490
x-cache: MISS
content-disposition: inline; filename="492866_020638_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10256
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Jun 2023 09:06:38 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 967670656
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcdacdbb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 Alvi1673519486-0.jpg
i.tribune.com.pk/media/images/Alvi1673519486-0/ 45 KB
45 KB 81ms
31ms Image
image/jpeg 104.17.129.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.tribune.com.pk/media/images/Alvi1673519486-0/Alvi1673519486-0.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.129.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c294fd0325de855617df0a4b6c398ec3e48fef6d2c6b8d78a6f51ebc79ec1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
x-amz-version-id: Ae5owNr90b6thxkLEuLn1Qn7SsNB_qfq
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 46069
last-modified: Thu, 12 Jan 2023 10:31:27 GMT
server: cloudflare
etag: "5df3e9853cc3b21f0a92c23d1007fd1b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7e8c75dcee4b9036-FRA
x-amz-cf-id: aXCd12WGMlsMts3W4NOIf8dmcwGoMrm1Yx4qkpDIWDR4NXtg8XABHg==
expires: Sat, 20 Jan 2024 17:31:48 GMT

GET
H2 200 489522_100729_updates.jpg
www.geo.tv/assets/uploads/updates/2023-05-26/ 16 KB
16 KB 392ms
355ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-05-26/489522_100729_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 488aeb6ea1ed727e37035d5031dad465bcfd3162935a2b6a4d84dc82f1cbe9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=46290
x-cache: MISS
content-disposition: inline; filename="489522_100729_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15938
cf-bgj: imgq:85,h2pri
last-modified: Fri, 26 May 2023 17:07:29 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 973023657
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcdad0bb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 489649_073709_updates.jpg
www.geo.tv/assets/uploads/updates/2023-05-27/ 30 KB
31 KB 418ms
382ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-05-27/489649_073709_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00d12f52cdda9ed825bef8a0be7af738e7ac029588eff67b8fb4a80f513c059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=64519
x-cache: MISS
content-disposition: inline; filename="489649_073709_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31076
cf-bgj: imgq:85,h2pri
last-modified: Sat, 27 May 2023 14:37:09 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 1019866005
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcdad1bb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 Marriyum-Aurangzeb-PID1680895181-0.jpg
i.tribune.com.pk/media/images/Marriyum-Aurangzeb-PID1680895181-0/ 143 KB
143 KB 140ms
90ms Image
image/jpeg 104.17.129.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.tribune.com.pk/media/images/Marriyum-Aurangzeb-PID1680895181-0/Marriyum-Aurangzeb-PID1680895181-0.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.129.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84da0afbc1e6aa9ec7da80390fde1a46ed6d4a3df9287985dd4bd1a3e41905a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
x-amz-version-id: wac8yoNurOwaf3Qbiu3V_LwEgEM1dEGv
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 146417
last-modified: Fri, 07 Apr 2023 19:19:42 GMT
server: cloudflare
etag: "1a65b5a688c992a819403e7798445b29"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7e8c75dcfe4d9036-FRA
x-amz-cf-id: XO4pisSzyG2ava5YWDGYQnPS3tjgQIE8bH8ti2LNXjJlQX54dnLyFg==
expires: Sat, 20 Jan 2024 17:31:48 GMT

GET
H2 403 coal-plant1636113936-0.jpg
profit.pakistantoday.com.pk/wp-content/uploads/2021/12/ 0
0 70ms
21ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profit.pakistantoday.com.pk/wp-content/uploads/2021/12/coal-plant1636113936-0.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 499993_055922_updates.jpg
www.geo.tv/assets/uploads/updates/2023-07-18/ 28 KB
28 KB 195ms
159ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-07-18/499993_055922_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9363a2f0aaca40997889d416a6df50f48dbeeb6bbda0d175d70b83f35e73b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=51520
x-cache: MISS
content-disposition: inline; filename="499993_055922_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28698
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 12:59:22 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 1036510688
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcdad2bb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 500014_070249_updates.jpg
www.geo.tv/assets/uploads/updates/2023-07-18/ 43 KB
44 KB 180ms
180ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-07-18/500014_070249_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b31dc597e94347ac0068a1ec36d31b99b18652ac11fc54cfbbc37c62ccb1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=81006
x-cache: MISS
content-disposition: inline; filename="500014_070249_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44514
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 14:02:49 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 794260688
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75dcfb18bb37-FRA
expires: Sat, 16 Sep 2023 17:31:48 GMT

GET
H2 200 underscore.min.js Show response
jeonews.xyz/wp-includes/js/ 18 KB
7 KB 155ms
154ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Wed, 28 Sep 2022 00:48:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7179
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 js_posts_autoload.min.js Show response
jeonews.xyz/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 152ms
152ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1853
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 tagdiv_theme.min.js Show response
jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 266 KB
58 KB 157ms
154ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 59635
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 comment-reply.min.js Show response
jeonews.xyz/wp-includes/js/ 3 KB
1 KB 160ms
157ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1228
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 js_files_for_front.min.js Show response
jeonews.xyz/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
8 KB 160ms
158ms Script
application/javascript 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c181d64d1d8a935f19bbe229f049bcfe
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
last-modified: Thu, 18 May 2023 08:13:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 8236
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d08b5500ad49d9c72a1679a40e05aa734da162f88ed9ba2f331a316b35c25425

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 background.png
jeonews.xyz/wp-content/uploads/2023/05/ 642 B
842 B 154ms
153ms Image
image/png 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeonews.xyz/wp-content/uploads/2023/05/background.png
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9c0d66c65c6fb6c02f07237d709e187bc76815be3943664bf9bc22650b49ceab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 08:19:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 642
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 1.jpg
jeonews.xyz/wp-content/uploads/2023/05/ 61 KB
61 KB 276ms
276ms Image
image/jpeg 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeonews.xyz/wp-content/uploads/2023/05/1.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7e97094fa7d99abbaf24e21ad17c4f48620f56ba393f7ba953344531d8927013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 08:19:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 62002
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 newspaper.woff
jeonews.xyz/wp-content/themes/Newspaper/images/icons/ 24 KB
24 KB 294ms
293ms Font
font/woff 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jeonews.xyz/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/wp-content/themes/Newspaper/style.css?ver=11.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer: https://jeonews.xyz/wp-content/themes/Newspaper/style.css?ver=11.4
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 08:11:08 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 24864
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 309681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:30:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 43ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 321004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 55ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 315676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 01:50:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 61ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jeonews.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 260853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:04:15 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 elements.png
jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 246ms
246ms Image
image/png 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=381db5cebf26144e1b1ab5f0477be694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 08:13:48 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4149
expires: Tue, 25 Jul 2023 17:31:48 GMT

GET
H2 200 13.jpg
jeonews.xyz/wp-content/uploads/2023/05/ 73 KB
73 KB 246ms
246ms Image
image/jpeg 192.64.117.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeonews.xyz/wp-content/uploads/2023/05/13.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium192-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4c66ad21d1030670fc359581f5c105d894c6209fbb79a0bc6c39cfa76b0927ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
last-modified: Thu, 18 May 2023 08:19:36 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 74707
expires: Tue, 25 Jul 2023 17:31:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 64ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVT6RKQPV4&gtm=45je37c0&_p=1986273940&cid=236697946.1689701509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689701508&sct=1&seg=0&dl=https%3A%2F%2Fjeonews.xyz%2F&dt=Home%20-%20Jeo%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVT6RKQPV4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jeonews.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ 360 KB
123 KB 87ms
71ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3867440639606058&plah=jeonews.xyz&bust=31076134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3867440639606058

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b681571ff30f3995a02a82af7654f79a6a13da584883e62a3c52097d20f38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126173
x-xss-protection: 0
server: cafe
etag: 630055559284309743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/ Frame 3940 10 KB
5 KB 61ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3867440639606058

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 12:30:59 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 12:30:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 48ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jeonews.xyz&callback=_gfp_s_&client=ca-pub-3867440639606058

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3867440639606058&plah=jeonews.xyz&bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1acbf8c60ad8f239d06340c2f62467b0e03bf37bc623bf0cacf219c1e2b304e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 48ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jeonews.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37D8 567 KB
98 KB 1419ms
1418ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&adk=1812271804&adf=3025194257&lmt=1689701508&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fjeonews.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508731&bpp=7&bdt=795&idt=178&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7252566774430&frm=20&pv=2&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

566bf95fd52f7f364d14b041a94298d59063e12a48b755d999d0fdbe9b13bfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 100467
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:50 GMT
expires: Tue, 18 Jul 2023 17:31:50 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AFB 111 KB
38 KB 1169ms
1169ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=1675051392&adf=2592710718&pi=t.aa~a.4092920842~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701508&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508738&bpp=2&bdt=802&idt=203&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xtOh4CIstb&p=https%3A//jeonews.xyz&dtd=207

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae9e254e6d7219fecb12ec914965c297e39cb36e272e9dcba0e20a217fe5b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38182
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:50 GMT
expires: Tue, 18 Jul 2023 17:31:50 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1AFB 14 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=1675051392&adf=2592710718&pi=t.aa~a.4092920842~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701508&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508738&bpp=2&bdt=802&idt=203&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xtOh4CIstb&p=https%3A//jeonews.xyz&dtd=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:22:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1AFB 2 KB
972 B 35ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 1AFB 23 KB
9 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1AFB 3 KB
1 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1AFB 20 KB
9 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1AFB 179 KB
57 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 1AFB 33 KB
14 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7098580108032184926/ Frame 1AFB 25 KB
25 KB 48ms
26ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7098580108032184926/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46197bed28c97666ef6968c287f6fc15f2b5844f7dceeb37c910d2eac36d6e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 19:44:19 GMT
x-content-type-options: nosniff
age: 424051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25449
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:17:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 19:44:19 GMT

GET
DATA 200
OK truncated
/ Frame 1AFB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1AFB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1AFB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb2526ef99ecb79817cbfec348ad13bf2fbcd3c1b7568a905e3620661675e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1AFB 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 598953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jul 2024 19:09:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1AFB 0
23 B 55ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc1pYhMy2ZJ35O5fwtwfQvIKgApDa99VxtLSF76YRv-EeEAEgvd6gnAFglYKAgLQHoAH0gvOBAsgBCakC996wWaWwgj6oAwHIA8sEqgT5AU_QGU4jy1v2EMOx0Lv9U0VkKqP4m_Jk086T8Qx3hvplYyBsBKkDYiC73V2CNPIbSSbgoDc63-tL3fcqhQhf_uaxcFD7doCUdpJLxdSXAXxncmfMfv3GsuxDic2xGs_BV2p3EzAZRsfQfgkCEt-ZH48L9zMr8gwF9Pd3avMWXzn_oSA_gDtInRfxlKVQhljlrQ1UaPNYLKmTFZSDd6NUbZJ5FXs8NrlG8Ch0NQG5ubIZFp1XNsP63cy4VnU7JQDwF7_3VQzwALJEY4ix0JiJe_sjlGmyA1f3WiFhmArWVEpqpav0UMRgN7-_xH7QMdble04hZAAJXflwA8AEqMSwsdQDkgUECAQYAZIFBAgFGASgBi6AB7n-4qQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQyte_ENIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zODY3NDQwNjM5NjA2MDU4GAA&sigh=9Xhlo9u3954&uach_m=[UACH]&cid=CAQSGwBpAlJWGPxO0EphsjSe2UbonKYjoNh9LQ0J3hgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=1675051392&adf=2592710718&pi=t.aa~a.4092920842~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701508&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701508738&bpp=2&bdt=802&idt=203&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xtOh4CIstb&p=https%3A//jeonews.xyz&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 17:31:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E40 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ 154 KB
52 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/reactive_library_fy2021.js?bust=31076134

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72aea742f7649846522e4e84255be9019dee9445637e4dfd31c8714aa8550ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53466
x-xss-protection: 0
server: cafe
etag: 11692598326521789206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jeonews.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4E8 102 KB
37 KB 848ms
848ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac382859bf7aa3d8285ae26dc805cfdb5b71ddddbe196ae0a3dbd6288d438ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38176
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A8E 102 KB
37 KB 814ms
814ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e49676acd1d84dde3f5c7016ee1462d55fb01f201d46bc4a340012a3b2e15e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38109
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F463 104 KB
37 KB 764ms
763ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=3804773678&adf=3849035620&pi=t.aa~a.1564433801~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2543&idt=0&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=5&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=xX1Ro8x6Ug&p=https%3A//jeonews.xyz&dtd=50

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b53113a984496e4ffb256feaf30a04122966443304de3ab1b6609d8c6d7cbb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jeonews.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/ Frame CDAE 10 KB
4 KB 13ms
12ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 00:35:30 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/ Frame 6F89 10 KB
4 KB 9ms
9ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 00:35:30 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/ Frame 23F8 10 KB
4 KB 10ms
9ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 00:35:30 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/ Frame 8EDE 10 KB
4 KB 11ms
10ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 00:35:30 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 00:35:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame CDAE 4 KB
671 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CDAE 205 B
520 B 10ms
8ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 09:18:57 GMT
x-content-type-options: nosniff
age: 375173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jul 2024 09:18:57 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CDAE 604 B
695 B 10ms
9ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 07:56:08 GMT
x-content-type-options: nosniff
age: 34542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Jul 2024 07:56:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame CDAE 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6325
x-xss-protection: 0
server: cafe
etag: 8771891585566167871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:25:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame CDAE 20 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8597
x-xss-protection: 0
server: cafe
etag: 17435004113268094812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:19:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6F89 6 KB
706 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:16:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6F89 2 KB
926 B 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 6F89 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6F89 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6F89 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F89 179 KB
56 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 6F89 33 KB
14 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23F8 6 KB
706 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:11:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 23F8 2 KB
926 B 11ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 23F8 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 23F8 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 23F8 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23F8 179 KB
56 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 23F8 33 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8EDE 4 KB
655 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:17:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 8EDE 2 KB
892 B 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 8EDE 23 KB
9 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 8EDE 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 8EDE 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EDE 179 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 8EDE 33 KB
14 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/15059803203702098135/ Frame 8EDE 52 KB
52 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15059803203702098135/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23a99a0875cec45db56775ddc6cd08b1e8628ec34654a78d9d61292f05768d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:08:08 GMT
x-content-type-options: nosniff
age: 260622
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53185
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 03:59:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 17:08:08 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11552181545032184248/ Frame 8EDE 3 KB
3 KB 17ms
16ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11552181545032184248/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73de9adc159f8941a09fe41502914deebbfa4f350d48fd5fed3895bdd680f917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:47:30 GMT
x-content-type-options: nosniff
age: 31460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2679
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 03:59:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 08:47:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A02C 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:15:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame A02C 2 KB
892 B 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame A02C 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame A02C 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4866
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame A02C 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A02C 179 KB
56 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame A02C 33 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
DATA 200
OK truncated
/ Frame 8EDE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9064f89e48d7b37d6fe8f9105f6144f30ab1d10585e41050a1dd608decf8edc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame A712 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8EDE 0
19 B 54ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYKD_hMy2ZIzlO7-TwuIP2L2YmAnQ0--wbf7Pt6KqEa2g4Yr0ChABIL3eoJwBYJWCgIC0B6AB6LDE4CjIAQmpAp5z0P5d17I-qAMByAPLBKoEggJP0Nrm_CVY8MC_7J_A3f_QjVpLoXAI6JHShQkeQ_XoutpXQy3Uk9j0Z6rWcSWD8SJLpUPZHV1Bmy4MS6F5tCh4UK3ATWPeByfwbTk-Px3wjettGyqtlVog0AVubNakVdNFlJJvlg0xiRL0nuvFvseGL5yj-5TnLmmaHHBY7rMmrxvRVXC38jX6rn2hv0JDq-ot_ZmJ4YFRzwpz-vgTQpapC0zjS_dZc-kazmq7dQrJJWw_nv8POL3R-gMQPimD0mFNWCakU7u7tlE2XARxToBZhQrs3Af8bYi6J6BMletgcbNwKxqUQyHoUDAN47227RXzPccyrV6nwPTOOQWJkhVnMNbABOeVj-2IBJIFBAgEGAGSBQQIBRgEoAYugAfo6JTAA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENjhhwTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQK4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTM4Njc0NDA2Mzk2MDYwNTgYAA&sigh=5ZE0K5RrPl8&uach_m=[UACH]&cid=CAQSGwBpAlJWcvuwWSbJ94r_rJgwGPib-MiixsbtjBgB&template_id=484&cbvp=2&vis=1

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 17:31:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame C0B3 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame C603 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame D0CD 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1AFB 42 B
174 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL2kiDsao_ey_snG9E0-dMZasTczAO-yaGOAKsLJjmpOmKZYSPwpvdpTqHctFgPgF9aJ2ao6kuDMkrNfzJcZHmumLXVI4lHnVGc4VMgcSSuIMBHIOY52g6Z5GMRz6p6g4omihz8zmhdD-0&sai=AMfl-YRyJypx5QSasJuPfIx9xKfAMzXMo9g6cuCN_VwwXTjSf4n_zRHR0E2-Vb35xgEDNxSgcF_U5-z1dT6E&sig=Cg0ArKJSzHNm5X1faO6SEAE&cid=CAQSGwBpAlJWGPxO0EphsjSe2UbonKYjoNh9LQ0J3hgB&id=lidar2&mcvt=1000&p=0,0,280,1068&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1675051392&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689701508946&rpt=1337&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F463 6 KB
706 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=3804773678&adf=3849035620&pi=t.aa~a.1564433801~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2543&idt=0&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=5&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=xX1Ro8x6Ug&p=https%3A//jeonews.xyz&dtd=50

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 15:41:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F463 2 KB
892 B 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame F463 23 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F463 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame F463 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F463 0
0 43ms
16ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpVaOAuOpd7jONqWu1b9_2IqfgqVvIeyPDBzr813AB6FfDtS-TN8vcGYCf7LHc2aIMcYPdEX5OV1rbp-7j9yof0R-Ajg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=3804773678&adf=3849035620&pi=t.aa~a.1564433801~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2543&idt=0&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=5&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=xX1Ro8x6Ug&p=https%3A//jeonews.xyz&dtd=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F463 179 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame F463 33 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A06C 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7098580108032184926/ Frame F463 14 KB
14 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7098580108032184926/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ea771281329c3dcd7de50cab950d520d6b41609f156ba7aef7fc09d42e3dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:11:35 GMT
x-content-type-options: nosniff
age: 62416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14635
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:17:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 00:11:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16317328933014292306/ Frame F463 2 KB
2 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16317328933014292306/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e699c29467e040726edb86c65261eb745c8e0c8d183c2311555b1a8454a6141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 19:49:41 GMT
x-content-type-options: nosniff
age: 596530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1864
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 16:49:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 19:49:41 GMT

GET
DATA 200
OK truncated
/ Frame F463 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c05fea8330b5355ecc30e841a1808d76279367cb824794ca35309b8e46fbd31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1A8E 6 KB
706 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:17:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1A8E 2 KB
892 B 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 1A8E 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1A8E 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1A8E 20 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1A8E 0
0 17ms
15ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTC9q5KthlJ0n0RXQNZ8G-gs7I95NOIJ_Aevb99znW-9PwBSmtq5EZVxwwJzQpS1-z2r35DDAd5nbn49urGBVDc8rPfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A8E 179 KB
56 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 1A8E 33 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A06C 35 B
463 B 90ms
38ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED0zSbREtGPPtOqx_im4fts&google_cver=1&google_push=AaAOQGF8s6ntk871n691sDI22Y7V3FNCYg95KckkXdDyaZmPejIw2D6j470cYIiX8mNiQSxqiBeOThTTiyYxDTYjdcA46a0OCha6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A06C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCp...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPb...

43 B
435 B

457ms
439ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:52 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e8c75ef9fa72bc5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1791
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFdBLoMq7z4l8OINr_nzlPPc9BhmUAS9n7-vAQeXE7RBRsSPMogdI4qi1mk70Sx0Lh7wbH5DCxdMWtgu7nLBsoz5WMjdPbCpA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e8c75ee2dcf2bc5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A06C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENry1FqE2aT-8sBiIXftzLs&google_push=AaAOQGEVCD2W7NppzqrsHpwGGaiPxO4UEEt5ILyqADwbfpjONwDZU4bH6m...

170 B
188 B

18ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENry1FqE2aT-8sBiIXftzLs&google_push=AaAOQGEVCD2W7NppzqrsHpwGGaiPxO4UEEt5ILyqADwbfpjONwDZU4bH6m6R8wzRiOlhOyyc1uaTzKaaOaLhZCrX770IDNKTDfcaow

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689701511.396232,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENry1FqE2aT-8sBiIXftzLs&google_push=AaAOQGEVCD2W7NppzqrsHpwGGaiPxO4UEEt5ILyqADwbfpjONwDZU4bH6m6R8wzRiOlhOyyc1uaTzKaaOaLhZCrX770IDNKTDfcaow
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A06C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENoISMtynicdDnua-u41C5E&google_cver=1&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRznykZ2BFav4gOJ01w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA65BC6E180A4619875A5B6DBCBE4FF6&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRzn...

170 B
329 B

19ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA65BC6E180A4619875A5B6DBCBE4FF6&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRznykZ2BFav4gOJ01w

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 18 Jul 2023 17:31:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA65BC6E180A4619875A5B6DBCBE4FF6&google_push=AaAOQGF7NuPEFjG-2_eLjUkvQYm_B8nYpuqTvkiVs9WpXA-OoK0wHFbmY1LFH0t-ffpClqHioBia9I1QMLQeRznykZ2BFav4gOJ01w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 17 Jul 2023 17:31:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A06C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAmA_C9hnW72o4kbHmLpuP0&google_cver=1&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8f...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAmA_C9hnW72o4kbHmLpuP0&google_cver=1&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUo...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=8ecbee3a-cbf7-4c11-ad06-cc39498740c8
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=8ecbee3a-cbf7-4c11-ad06-cc39498740c8
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=139d2f7a-84b6-4f29-9c2a-4ddc54a6ebe3&user_group=1&ssp=google&bsw_param=8ecbee3a-cbf7-4c11-ad06-cc39498740c8
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y&google_hm=jsvuOsv3TBGtBsw5SYdAyA==

170 B
188 B

20ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y&google_hm=jsvuOsv3TBGtBsw5SYdAyA==

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGG8jm_L0QkqIidHg_6e_kIHRxbxlc-yNcCvV5IB2GxXpNB16QwaNBd2vLd7vs0aLlRgBpyohHnoguVYUopzjA8fqC1oR2Y&google_hm=jsvuOsv3TBGtBsw5SYdAyA==
date: Tue, 18 Jul 2023 17:31:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A06C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEAgszT2SYcZFEBPvHZCDfnw&google_cver=1&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYx...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAgszT2SYcZFEBPvHZCDfnw&google_cver=1&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_x...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA

170 B
188 B

21ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFAYxyXD0TxoXalyReNJ_yJOmpkZaIAC2zShbx6MaAIrSs0DGJ4U-YL5mQGVxb22MpCjBK_wjYTE-2jkygsBc9_xYxhfKSLnA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A06C 43 B
363 B 77ms
40ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEK5orP5jKQXVvDyerF2MHU8&google_cver=1&google_push=AaAOQGF7a_uHZ99b_ML4J1904G8NK9cJ_8jc3j9hZMQjXf0wWVdFUlq1jzZxtfmE1kb1oZmU0nrC7eHpWJ-0Vm_aTyxZc2zN3y_b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 254367
expires: Tue, 18 Jul 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A06C 0
130 B 61ms
20ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_kO24F79zHRQS9DIJpyLMeIJiGmqTvLcFmIgjFJxrULE3gIfheK3Wnpzv1UoYsJeM2_Mh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7FB2 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7098580108032184926/ Frame 1A8E 14 KB
14 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7098580108032184926/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ea771281329c3dcd7de50cab950d520d6b41609f156ba7aef7fc09d42e3dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:11:35 GMT
x-content-type-options: nosniff
age: 62416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14635
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:17:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 00:11:35 GMT

GET
DATA 200
OK truncated
/ Frame 1A8E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame B4E8 6 KB
706 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:12:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame B4E8 2 KB
892 B 12ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame B4E8 23 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame B4E8 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame B4E8 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B4E8 0
0 20ms
19ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2W8gzqy8kg98rHTo8pKbH636S8HxESIxcasXRzVXSpbTUG1amfijWaL8PeVyiNHhFP6VWKqnRhlDHEnaHuxlbr20XPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4E8 179 KB
56 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame B4E8 33 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C6C 1 KB
643 B 14ms
12ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6474592807521004471/ Frame B4E8 21 KB
21 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6474592807521004471/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df0d3ad033200f262dbd0b1e3ad48c531b9cd02b0f5b6db2bbd0b182e5389a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21102
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 14:36:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 17:31:51 GMT

GET
DATA 200
OK truncated
/ Frame B4E8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F463 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 266818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:24:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F463 15 KB
16 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 260856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:04:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F463 15 KB
15 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 309684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:30:27 GMT

GET
DATA 200
OK truncated
/ Frame 1A8E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4daf320941793316de05d2f3888b6f93a46f43b131e09f9ec5b08a89563524ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7FB2 0
104 B 212ms
27ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGMKxuZIM7D1jtlYdw2TAAE&google_cver=1&google_push=AaAOQGHAS846m4Sjgx2NB67y1iXkdkmZFkrkI1jKiYDZVR2B6O0BFVdg_liN8wUBJvm3Ga-Rjl__jGTS99ASCgmFyv4OQicuhQDSOPq2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXF2VXBsRHUxUWxPeWI1&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj0...

170 B
188 B

25ms
24ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXF2VXBsRHUxUWxPeWI1&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj014kTBRhojCeVuGwJEQjjdAbYyDanKpKcvYgCdvjgrMgaW8KK0hVC1tvO8

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 17:31:51 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0d2a77f9c6d8820ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eXF2VXBsRHUxUWxPeWI1&google_gid=CAESEKrba5Ow9WvwFws2jbfhCpg&google_cver=1&google_push=AaAOQGErpjb0m_GGcFixekeWM15hI6J2bSlIs5qfHN0ENj014kTBRhojCeVuGwJEQjjdAbYyDanKpKcvYgCdvjgrMgaW8KK0hVC1tvO8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPovb0H4ndCBjoRO4Tm1NvE&google_cver=1&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrE...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrEKDk7JxFGCgSZmaLt

170 B
188 B

21ms
20ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrEKDk7JxFGCgSZmaLt

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 18 Jul 2023 17:31:51 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x15 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGHad6RG_7JNzS4MnyHyasUhpz-ix7Mb_YsF989W8HqwCtaoHaJYAwQErcuIDANAmYtTakiRk2dwhpkEYyrEKDk7JxFGCgSZmaLt
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 18 Jul 2023 17:31:50 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7FB2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6...

43 B
400 B

441ms
440ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:52 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e8c75efcfeb2bc5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1948
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC2mKWhjEs23BLTWxik37tE&google_cver=1&google_push=AaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFo16OqFWiuOi5T_pS0-F5wYUmHc8GhkXR1zubSODT4Uo5BfRb-oR5x5SGbRKn8228mnZ4WN7HlLRgcWRdcHQHwN3dylp6Y1na7%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7e8c75ee8e362bc5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET /
onetag-sys.com/match/ Frame 7FB2 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7FB2
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPZggAPMhZs9kPpcMSZh5rg&google_cver=1&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOW...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOWMrMoSNR96tUwfRHIaDhr9n3RI0IaUh-KxqF86MiA&google_...

170 B
188 B

20ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOWMrMoSNR96tUwfRHIaDhr9n3RI0IaUh-KxqF86MiA&google_hm=1I89VsgNTt2DTqT_RXgi1QM

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG987BUwo1dKYCi9sT7zXsOjjY8HMxnqzVF82HIWEBfugZrzrQvLPvqEbMoOWMrMoSNR96tUwfRHIaDhr9n3RI0IaUh-KxqF86MiA&google_hm=1I89VsgNTt2DTqT_RXgi1QM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 7FB2
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKYOG5kiulyc...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFSpO_9QE0eW0oEFqZqaxIvpiyvPBye-9w4VeiDspbZ7FJRJrE2_UoBDTNqVWo35dt3EEUViUL_v9W6PBU9yL87A00_iSBumbX0Gw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

78ms
78ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 18 Jul 2023 17:31:51 GMT
pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7FB2 0
49 B 17ms
15ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwCx12jgvmBdPACNuMCGjuNbvV-wJiZEzx860bVFlxjy_7fBH0eQaVBv2Egn2h8nEfYAgKGCA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F463 0
19 B 54ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvdk5hsy2ZJypItjvtwe_i4zADZDa99VxtLSF76YRv-EeEAEgvd6gnAFglYKAgLQHoAH0gvOBAsgBCakC996wWaWwgj6oAwHIA8sEqgT5AU_QnI8CliappFyX3iWrs6uOchOqpmEjlRRzEnvSI6ZzSPzBggjfppMgzf1ZeLibATf8wIkZWu3Kd9Aut_3Rknb3P2DT0hnPi2Rw3muMCivnXttkTTWKEet-wB_Vj2tqatXrWBTENbbsDdwgl9hyXmPspTxzIYQYpKv2XF6kFMSZf5d8PNa5sQ9CCSS7kgNFRD5fvepI2H6uBWuvk5JURPXUl9d_A571-_fYSERjNv1aszvuJ9MiSbWYce8gGfIfFfevpuBCJEIJ_oi3s0wD_H5E1GL1G5h94Zvatt4S90ve8iV4-QF4AVOc7Cx7efygQM4-mTTSdeUwqcAEqMSwsdQDkgUECAQYAZIFBAgFGASgBi6AB7n-4qQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQura1AdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxArgT5APYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMzg2NzQ0MDYzOTYwNjA1OBgA&sigh=865ZTMqpj3k&uach_m=[UACH]&cid=CAQSPABpAlJW5zVCZ42SJFqqAK6JNA7DEipkgp7Sggd83McUt876HNCtnw6cjEhNTLkEjBix9XohO7R9vOxYBxgB&template_id=484&cbvp=2&vis=1

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=280&adk=3804773678&adf=3849035620&pi=t.aa~a.1564433801~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=1068x280&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2543&idt=0&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250%2C324x250&nras=5&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=xX1Ro8x6Ug&p=https%3A//jeonews.xyz&dtd=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 17:31:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AA8 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
DATA 200
OK truncated
/ Frame B4E8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38aeadecdd0d209d1f891e4f4ead34bbbed1546146532537847a2fbbb6261bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C6C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED0zSbREtGPPtOqx_im4fts&google_cver=1&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sX...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sXpmhDSNSZHn7m4bOvukPnGeD_j_BBaNzmSykm7_M72Vcw&google_hm=DoX5tz5cO_...

170 B
188 B

20ms
19ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sXpmhDSNSZHn7m4bOvukPnGeD_j_BBaNzmSykm7_M72Vcw&google_hm=DoX5tz5cO_djOXLu_rb-UQ

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGGDkxthbkkTUk8no0hOAyJrAajQUrOW9m2FmYDlZybwztIQ-o-5sXpmhDSNSZHn7m4bOvukPnGeD_j_BBaNzmSykm7_M72Vcw&google_hm=DoX5tz5cO_djOXLu_rb-UQ
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: private, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1C6C 0
103 B 153ms
27ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGMKxuZIM7D1jtlYdw2TAAE&google_cver=1&google_push=AaAOQGFa2_2dDe-ljGZtLXVAt3kb4NtFXuM7V7jpQKENVv09m_3VQg91k9KfO3iwyeqcN5J_Mn_N5ADl5TZrG07KEIoM0R2As_UIZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1C6C 70 B
265 B 118ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF14azWS9xctaGnUM4o5dRc&google_cver=1&google_push=AaAOQGG6c3QzGXu5ii_Rt9a2ji6xXtTf-MoHSVXd2SZt9DxHlN846CbMU53zT8qlTUq_lY5ZnPY3ofXy5RUv5jbj3NOjgGD-50Il
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C6C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGFpH5Pd...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAaAOQGFpH5Pd...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MTgxNzMxNTEwMDAxNjYxMzA1NDE1Mg%3D%3D&google_push=AaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiq...

170 B
188 B

19ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MTgxNzMxNTEwMDAxNjYxMzA1NDE1Mg%3D%3D&google_push=AaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiqhww60ShlpKqEq2_Ma9poZwINsolOQIjg

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA3MTgxNzMxNTEwMDAxNjYxMzA1NDE1Mg%3D%3D&google_push=AaAOQGFpH5PdssLEzLlF1dzNnrSXj_CD-8AKTgfLqS0YMHxDW40i9NrS784VjZra9_hIiqhww60ShlpKqEq2_Ma9poZwINsolOQIjg
pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1C6C 43 B
362 B 18ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEK5orP5jKQXVvDyerF2MHU8&google_cver=1&google_push=AaAOQGFPjp_L7It2IBVHYIXH_Lr2_mqty83Etpcxtg4RdEIkA4rQI2UW17HOLbmoYUttIc7ce66MJKSDamMNtXz5OtjuL-N8Psht8Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:50 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 271732
expires: Tue, 18 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C6C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIi_AXhvhc_MkNcw0bDknOU&google_cver=1&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOc...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIi_AXhvhc_MkNcw0bDknOU&google_cver=1&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45x...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU1MTA1NjgzNTA2MjU5ODczOA&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRd...

170 B
188 B

18ms
18ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU1MTA1NjgzNTA2MjU5ODczOA&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOcyZpH3KnE3J4vmr3TnpE90w

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU1MTA1NjgzNTA2MjU5ODczOA&google_push=AaAOQGHJqelAT0j9FVvQW51eiwxOWV7VT2Puulq7HCK0YHuJHxcJD_ldeUmK2-QER-S93gb-45xIRdOcyZpH3KnE3J4vmr3TnpE90w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 1C6C
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKYOG5kiulyc...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFUQb1z82a8g0ibPdJf9j50buQr1ezxkegpp7oaeC7CXOnfPoUY2OFI1OAC16tdCHcY0I-xKJjFLS7GPUyxOelADdpRnqn3vRs
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

76ms
76ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 18 Jul 2023 17:31:51 GMT
pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C6C 0
12 B 17ms
16ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2ctpGFTxtMhisp1NL1xyoelO1a95sJV8kbnMMxnanblz-u2dJnPQENLGAFsKeNQx18Tpf3Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A8E 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 260856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A8E 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 266818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:24:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4E8 15 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 260856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4E8 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 266818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:24:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A8E 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYJ5Jhsy2ZLTxJfKb2OMPntinwA-Q2vfVcbS0he-mEb_hHhABIL3eoJwBYJWCgIC0B6AB9ILzgQLIAQmpAk2MkE0ls4I-qAMByAPLBKoE-AFP0B2DwlsnmRIf7dPxNCJoLseusCx8WmcT1B3m5Mi9PZIdRMLu0Ore4-6ke_OwT3adw063CA4JLopx1e0mcTMi2eCEgXWWU_S5wX5IksTcsJgKQfOYcYdkx0-b9dXxgGGCdQS-i8q14H37tmKCO4Yrpitxz_PAKptLCUm1eNQNZXX5eswQcKQnrPybQ09Z-KLf2ZaYoBEOWa5ygt4go0oyKMtBemZPf8M33yeebn0ELTZRIfkZQm9tSenoEazVZE4OfQc9uAWXg9qzcl_NmpDHyJSik5vmDuhvAtbM0nw4c-QMmG41mj5GUR2lrGuptnLmJCVKxf9l08AEqMSwsdQDkgUECAQYAZIFBAgFGASgBi6AB7n-4qQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_-F40ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLECuBPkA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi0zODY3NDQwNjM5NjA2MDU4GAA&sigh=bkfnI65RTbg&uach_m=[UACH]&cid=CAQSPABpAlJWl-Qsv-qI-P8meyogxqdAWTW21MQoqSYP0F2BMIwZ4sIExbF5imMjw-aeqqEkiqW8Y-M7q-VRYRgB&template_id=484&cbvp=2&vis=1

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=666425686&adf=1418171935&pi=t.aa~a.2419557384~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280%2C324x250&nras=4&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=638&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3qfzfK5u2p&p=https%3A//jeonews.xyz&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 17:31:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4E8 0
19 B 55ms
54ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1RAEhsy2ZNmPJcHWn88Ple6nwAr5_vW9cNPuxMOWEdzZHhABIL3eoJwBYOECoAGC8v6hKcgBCagDAcgDywSqBIQCT9DD61hsGHRsop2_ICuNtQ_kskUQQVoK7oTe6GiEfZQXlkHvujXXBfR8EQIBVak3n6627bUJQFkosX8U1mAV4v8rIutrKUkogz0ERPZZJ5Rcu7RiWoPzsSxl_-Kx-RBL8G6ls4yg5xIxQ8L-c7MzPCMVd5enQ-o8xmj8jjL-pIs1yaaq5_V2TjwgEjFKW2irLEPjaLrMQyz1GLCRwb3tE_QBjkgJUqYO3iyzkUn8uvUa2-2WchcITGSeu5xdUOnGMIPrpKUq1KalJaWlcQgemMm4mNY2lHU3xYMk4o4zMxrVd3-CRjpGBUlhMtJJRT6p8hgd4MFdQzauYcL0SnoVzqQFIAvABMmUt-aXBJIFBAgEGAGSBQQIBRgEoAYugAeCqs-BBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEOCOkQHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQK4E-QD2BMNiBQD0BUBgBcBshccChoIABIUcHViLTM4Njc0NDA2Mzk2MDYwNTgYAA&sigh=-gAgOjbNORY&uach_m=[UACH]&cid=CAQSPABpAlJWIo2KZC36uJDzWzVUR7az2akrJYY_AwM-BSq2ZplPEnf_dsR1OU_rdlKpbK3nNBpXaOFF6miphhgB&template_id=484&cbvp=2&vis=1

Requested by

Host: jeonews.xyz
URL: https://jeonews.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3867440639606058&output=html&h=250&adk=382462815&adf=214715048&pi=t.aa~a.2461189430~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1689701510&rafmt=1&to=qs&pwprc=6102426875&format=324x250&url=https%3A%2F%2Fjeonews.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689701510478&bpp=1&bdt=2542&idt=-M&shv=r20230713&mjsv=m202307130102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dad133b0ff9a0088e-22802cbfc3e200c6%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA&gpic=UID%3D00000c3fe057edc8%3AT%3D1689701508%3ART%3D1689701508%3AS%3DALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ&prev_fmts=0x0%2C1068x280&nras=3&correlator=7252566774430&frm=20&pv=1&ga_vid=236697946.1689701509&ga_sid=1689701509&ga_hid=1986273940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076134%2C31076162%2C44788442%2C31076040&oid=2&psts=ABnkTfB6LYqFvaaMfyQl5IH1Lw2xx2DxJJcuk_9QFt3FuL38ocRlTLaL_af-t0en2W2SkeqHBgyuQJTaTzrw34V89e20WR1f&pvsid=4285982077715876&tmod=977701977&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=BZZkADzIll&p=https%3A//jeonews.xyz&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 17:31:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
60ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2060f6e835a5a07da9ae7c7467ce2a78ac1506d0166e7468ca6eec5fe4d391e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11683
x-xss-protection: 0

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame D23A 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B19 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H2 403 coal-plant1636113936-0.jpg
profit.pakistantoday.com.pk/wp-content/uploads/2021/12/ 0
0 15ms
14ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://profit.pakistantoday.com.pk/wp-content/uploads/2021/12/coal-plant1636113936-0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 17:31:51 GMT

GET
H2 200 499993_055922_updates.jpg
www.geo.tv/assets/uploads/updates/2023-07-18/ 28 KB
28 KB 25ms
25ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-07-18/499993_055922_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9363a2f0aaca40997889d416a6df50f48dbeeb6bbda0d175d70b83f35e73b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 3
cf-polished: qual=85, origFmt=jpeg, origSize=51520
x-cache: MISS
content-disposition: inline; filename="499993_055922_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28698
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 12:59:22 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 1036510688
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75f02f10bb37-FRA
expires: Sat, 16 Sep 2023 17:31:51 GMT

GET
H3 200 500014_070249_updates.jpg
www.geo.tv/assets/uploads/updates/2023-07-18/ 43 KB
44 KB 24ms
23ms Image
image/webp 104.16.122.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geo.tv/assets/uploads/updates/2023-07-18/500014_070249_updates.jpg
Requested by: Host: jeonews.xyz
URL: https://jeonews.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.122.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b31dc597e94347ac0068a1ec36d31b99b18652ac11fc54cfbbc37c62ccb1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
age: 897
cf-polished: qual=85, origFmt=jpeg, origSize=81006
x-cache: MISS
content-disposition: inline; filename="500014_070249_updates.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44514
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 14:02:49 GMT
server: cloudflare
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-varnish: 794260688
cache-control: public, max-age=5184000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e8c75f06b291da8-FRA
expires: Sat, 16 Sep 2023 17:31:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF2A 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 16:23:57 GMT
expires: Wed, 17 Jul 2024 16:23:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E54 783 B
535 B 20ms
20ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

852468c3eae281d336ad6e93654b3b9b67a3970c24494ad8646782d161d5d3fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7vksH4VRwXQRAP33-StQtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jeonews.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7vksH4VRwXQRAP33-StQtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 17:31:51 GMT
expires: Tue, 18 Jul 2023 17:31:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 403 KSA-buys-Turkish-drones.jpg
www.pakistantoday.com.pk/wp-content/uploads/2023/07/ 0
0 35ms
16ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pakistantoday.com.pk/wp-content/uploads/2023/07/KSA-buys-Turkish-drones.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js Show response
pagead2.googlesyndication.com/bg/ Frame DF2A 37 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 441094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14539
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:00:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8E54 0
0 44ms
44ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=4285982077715876&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF2A 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5-9KAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8EDE 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbiTsDt3SFqbg3u_M-j12JZCHTa2ccB5q9kobqAm63kGZqIHLWhdcngBSOimtnSuF2zj4y4ICSYI2Tp2FnVZriSJSAowoizaXYI6tLaiSFM6YcqcdgES2bMm1wgHSmSCLqVMujmAcfJ9T6&sai=AMfl-YTHft_z5QDxrWbNZ4cB9bFiP5PtLnoED2fkpwDURLfmUdkm0-uNL1j1lP6b7dLLR95Ef8F6uWiEKX70&sig=Cg0ArKJSzJYiAtfmdpf3EAE&cid=CAQSGwBpAlJWcvuwWSbJ94r_rJgwGPib-MiixsbtjBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=141,829,1000,1179,1179&tos=141,688,171,179,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689701510584&rpt=263&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 17:31:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=4285982077715876&bg=!8_Cl8KTNAAa3SiIRl0o7ADkAdvg8WtYMcOgZsNU5sGmUsiAa298fhkvJG-yQCxUlTkdMOe8hYQiYPXC2uRxc0qcg6YkvHlGOwoQCAAAAUlIAAAALaAEHCgCf0duUeeOxUU_1tS-Twv44xZAROLSTqdMEeEg7ft7TBPAWH-HGrgTp25YGum_4jJp8terrRZjNoFXNzlYWj8aWrj9Q3Wy6El2zB4x52OJ2EdYdwnimYlpxtVqr2qCddvsqLiPXefdQZu4a0TV2u4_ffe_fizoo0Jxz78fCxesg92zitpLgYQubX6Ly7FY51pF-HA6ztf2veYAnZoK7kLgOmQKv0f0pwwEB_7YvaGHC4_7mYUXoTnE_r-2_00Viam3Mf9k4x_GFyBPmLntt26TI16IYBza12kW66CHc4-eFp9CuQY7ie47Pnj0ql9-duQHQkQM3cczqVNXdklSczx7U4wRrtfrijT65dqOitxEj_bY2IRD9tw8F1db2VwsDXpv5hkttpouLR43vk-Xz_wdBeqKgVUVST6zx7MsfMNKraGM2cLPjJ8l25qVoC0WBVuxIDlEa20UocJ4c3yubjKQOG68B8_A_ZGo5emOwUyMa1qj0EZABIII4lPsQcbMlINTTWR-Ca9rdfCHv8GtfsF78exLjsPqMFu2FOkyVFO9aBWZ79i0KzMYlELPM4WrWpboTj4X7MIHhxJ-G5n3CP-aALgZEXH_Om16yFJ5g96WAHtLNwF9kD18R5pvcJ6Q1IyS96u23vX1CNky5rSpXay1bvMOC91AvmlAkZ6LvgJ2kSdDnlM3i61JkX1xlzwzHOZtRcphwd0a94mJZb92fsaM4wxsvxIfbc_Wr8ol_bKs1EGc4mY26YWKlR3sriRvYkDBP-vRsy2MyQ9pdWymjnB7w0bG-Snh1WwppTWkWbpJ-BVLOv24_4W_SKAKG99Sjcm_cJ4Gy1qKs0gxWRzQPhw5UHWYaMGd_Z9FSMr28krZKs1DQF-jIeJ-MCQ8yCEApsqSrZshnlv0n7bcaCA6N4JSwOwUVefw-tdqlaOxyL9isbLOSqTCyJ6IH9MrU92BUbDYW_lC27f1UXi3fWud4oLo-YvI3K9BxQjdyDK8ga7zp7CVZf3BnwcdtHuJlx4GORlKTUawKQUcL-yDvGDn7Uoz-5SaSWqqKbAlg5pnI9i18v5cX_USUnyD7lHYrOVAwQmpnmODalUk5Sx2j2fAvJ5x2DLVihSy4CnCheSJFFCAlcNbS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jeonews.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMoOTXLzH1UTVAI9Aq5xHj0&google_cver=1&google_push=AaAOQGEAwekq_ARjABQdBxIJ9KdaAdYIBNJpNvc4iLKSVNhlv9lVccba7h2VcUUaovaNT_oIvAbV8XyUSj_iW5VQYXbUb6fipuvuV94

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jeonews.xyz/	1970-01-20 22:57:41	Name: _ga_QVT6RKQPV4 Value: GS1.1.1689701508.1.0.1689701508.0.0.0
.jeonews.xyz/	1970-01-20 22:57:41	Name: _ga Value: GA1.1.236697946.1689701509
.jeonews.xyz/	1970-01-20 22:43:17	Name: __gads Value: ID=ad133b0ff9a0088e-22802cbfc3e200c6:T=1689701508:RT=1689701508:S=ALNI_MZzi3HZxUoZQuWJuMHubJu3XajAEA
.jeonews.xyz/	1970-01-20 22:43:17	Name: __gpi Value: UID=00000c3fe057edc8:T=1689701508:RT=1689701508:S=ALNI_Mbc4WBFpXSZaQoXsbWYhzCF4qb7dQ
.doubleclick.net/	1970-01-20 22:43:17	Name: IDE Value: AHWqTUkmQGb6FesB1jArlmDJNdYh5DElJ8Y8gZ4mRTV-XKGLifdHgN-1vlrtveu0zGI
.doubleclick.net/	1970-01-20 13:21:42	Name: test_cookie Value: CheckForPermission
.simpli.fi/	1970-01-20 22:08:43	Name: suid Value: EA65BC6E180A4619875A5B6DBCBE4FF6
.quantserve.com/	1970-01-20 15:31:17	Name: d Value: EA4BCQG_KYEA
.quantserve.com/	1970-01-20 22:51:55	Name: mc Value: 64b6cc87-692ae-882bf-7e791
.de17a.com/	1970-01-20 22:00:05	Name: guid Value: 1.748828182034965627
.w55c.net/	1970-01-20 22:53:22	Name: wfivefivec Value: yqvUplDu1QlOyb5
.ctnsnet.com/	1970-01-20 22:07:17	Name: cid_d48f3d56c80d4edd834ea4ff457822d5 Value: 1
.ctnsnet.com/	1970-01-20 22:07:17	Name: gid_CAESEPZggAPMhZs9kPpcMSZh5rg Value: 1
.mathtag.com/	1970-01-20 14:04:53	Name: mt_mop Value: 4:1689701512
.everesttech.net/	1970-01-20 22:07:17	Name: everest_g_v2 Value: g_surferid~ZLbMhwABz4O9iwBY
.quantserve.com/	1970-01-20 15:31:17	Name: sp Value: CgsI2WUSBgiHmdulBg==
.bidswitch.net/	1970-01-20 22:07:17	Name: tuuid Value: 8ecbee3a-cbf7-4c11-ad06-cc39498740c8
.bidswitch.net/	1970-01-20 22:07:17	Name: c Value: 1689701511
.bidswitch.net/	1970-01-20 22:07:17	Name: tuuid_lu Value: 1689701511
.w55c.net/	1970-01-20 14:04:53	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 14:06:19	Name: C Value: 1
.adform.net/	1970-01-20 14:48:05	Name: uid Value: 6551056835062598738
.e.dlx.addthis.com/	1970-01-20 22:51:55	Name: na_tc Value: Y
.addthis.com/	1970-01-20 22:51:55	Name: na_id Value: 2023071817315100016613054152
.addthis.com/	1970-01-20 22:51:55	Name: na_tc Value: Y
.addthis.com/	1970-01-20 22:51:55	Name: uid Value: 64b6cc8705f84abc
.addthis.com/	1970-01-20 22:51:55	Name: ouid Value: 64b6cc870001acc16df7abc04c5ae12793ba2ade2e0a80f00e54
.dlx.addthis.com/	1970-01-20 14:04:53	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 14:04:53	Name: na_sr Value: 20230718
.dlx.addthis.com/	1970-01-20 13:21:41	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 14:04:53	Name: na_sc_e Value: 0
pool.admedo.com/	1970-01-20 22:07:17	Name: tuuid Value: 139d2f7a-84b6-4f29-9c2a-4ddc54a6ebe3
pool.admedo.com/	1970-01-20 22:07:17	Name: c Value: 1689701511
pool.admedo.com/	1970-01-20 22:07:17	Name: tuuid_lu Value: 1689701511
.tribalfusion.com/	1970-01-20 15:31:17	Name: ANON_ID Value: ainsIHt3er66AxvPAB9XYniR3yJh3unTwyUVZbZckqkSq0YZbWtkQWUeZbZa5g4Jgbpoy8V6d24OaZaHjlFY2VrU9NvBeT

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://profit.pakistantoday.com.pk/wp-content/uploads/2021/12/coal-plant1636113936-0.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMoOTXLzH1UTVAI9Aq5xHj0&google_cver=1&google_push=AaAOQGEAwekq_ARjABQdBxIJ9KdaAdYIBNJpNvc4iLKSVNhlv9lVccba7h2VcUUaovaNT_oIvAbV8XyUSj_iW5VQYXbUb6fipuvuV94 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://profit.pakistantoday.com.pk/wp-content/uploads/2021/12/coal-plant1636113936-0.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.pakistantoday.com.pk/wp-content/uploads/2023/07/KSA-buys-Turkish-drones.jpg Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3867440639606058&fa=3&ifi=9&uci=a!9&btvi=4&xpc=tKBO4tbF6c&p=https%3A//jeonews.xyz Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-3867440639606058&fa=4&ifi=10&uci=a!a&btvi=5&xpc=4kkXZ6ak6d&p=https%3A//jeonews.xyz Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.tribune.com.pk
ius.ctnsnet.com
jeonews.xyz
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pool.admedo.com
profit.pakistantoday.com.pk
region1.google-analytics.com
s.tribalfusion.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.geo.tv
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pakistantoday.com.pk
x.bidswitch.net
onetag-sys.com
104.16.122.91
104.17.129.46
104.75.89.75
142.250.74.194
151.101.194.49
178.250.1.9
18.195.75.15
185.29.132.241
192.64.117.79
2.23.197.190
2001:4860:4802:32::36
213.155.156.167
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:830::200a
2a02:fa8:8806:20::2040
2a06:98c1:3120::3
35.186.193.173
35.204.74.118
35.210.53.219
35.71.131.137
37.157.6.243
52.28.142.138
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d79291be74710e91b42db8fe53359e9ea09a632bed3e39f991c295c4d9daacd
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
197cf909f035330d8557e636edba932ab1075eecefa426d312ff5d23e0a87d3a
1acbf8c60ad8f239d06340c2f62467b0e03bf37bc623bf0cacf219c1e2b304e2
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
2060f6e835a5a07da9ae7c7467ce2a78ac1506d0166e7468ca6eec5fe4d391e1
23a99a0875cec45db56775ddc6cd08b1e8628ec34654a78d9d61292f05768d0e
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
2ae9e254e6d7219fecb12ec914965c297e39cb36e272e9dcba0e20a217fe5b9b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e49676acd1d84dde3f5c7016ee1462d55fb01f201d46bc4a340012a3b2e15e3
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38aeadecdd0d209d1f891e4f4ead34bbbed1546146532537847a2fbbb6261bd4
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
4030e98dbf643d9fd052863c3621e1c78ff2b159188d4242afd4579b3f05b116
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46197bed28c97666ef6968c287f6fc15f2b5844f7dceeb37c910d2eac36d6e37
488aeb6ea1ed727e37035d5031dad465bcfd3162935a2b6a4d84dc82f1cbe9a1
4c66ad21d1030670fc359581f5c105d894c6209fbb79a0bc6c39cfa76b0927ae
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4daf320941793316de05d2f3888b6f93a46f43b131e09f9ec5b08a89563524ca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566bf95fd52f7f364d14b041a94298d59063e12a48b755d999d0fdbe9b13bfc9
5a9a2eb21a6f07e0b195fc27e55ad81a4edb2a9ddfc8fddca7edad941b00ffe7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d5ee2ea990988787e3dd82b9b312600c09ce412250e63530e0e347c04b06c1a
5fd9b4b10be5a293cbc0f2f89cb21d2072517953a34fb6ac2e7df8d13a966ffe
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c294fd0325de855617df0a4b6c398ec3e48fef6d2c6b8d78a6f51ebc79ec1c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64aa3aea4984154fa8dbe542159695fdc109c6421f7e7ee3513779404181e676
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65cb2526ef99ecb79817cbfec348ad13bf2fbcd3c1b7568a905e3620661675e0
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72aea742f7649846522e4e84255be9019dee9445637e4dfd31c8714aa8550ad7
73de9adc159f8941a09fe41502914deebbfa4f350d48fd5fed3895bdd680f917
74508879b25f5851bc5c1f6a633d04d81fea1bec08b8a76256d69a5a13e2522a
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a
7e699c29467e040726edb86c65261eb745c8e0c8d183c2311555b1a8454a6141
7e97094fa7d99abbaf24e21ad17c4f48620f56ba393f7ba953344531d8927013
852468c3eae281d336ad6e93654b3b9b67a3970c24494ad8646782d161d5d3fe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0d66c65c6fb6c02f07237d709e187bc76815be3943664bf9bc22650b49ceab
9fde46370e7dfc5dbc549914da67dad5fe3220607a612de2909483d186376bbf
a00d12f52cdda9ed825bef8a0be7af738e7ac029588eff67b8fb4a80f513c059
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16ccdb99bca0153bccbb954b46962356bdc071a58d7733828db586f8e3478b4
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b31dc597e94347ac0068a1ec36d31b99b18652ac11fc54cfbbc37c62ccb1ac
a7b681571ff30f3995a02a82af7654f79a6a13da584883e62a3c52097d20f38f
a9363a2f0aaca40997889d416a6df50f48dbeeb6bbda0d175d70b83f35e73b01
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac382859bf7aa3d8285ae26dc805cfdb5b71ddddbe196ae0a3dbd6288d438ad7
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2caf6225adfc43324a3170669c0fd6ec36c3188f257c7b3ce5636e876a2c9c7
b53113a984496e4ffb256feaf30a04122966443304de3ab1b6609d8c6d7cbb3e
c05fea8330b5355ecc30e841a1808d76279367cb824794ca35309b8e46fbd31f
c9064f89e48d7b37d6fe8f9105f6144f30ab1d10585e41050a1dd608decf8edc
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
d08b5500ad49d9c72a1679a40e05aa734da162f88ed9ba2f331a316b35c25425
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d2c9f518ec6a8748dd27703e15b4c4c1f44590cee03193fe9c542678c80c6b27
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
df0d3ad033200f262dbd0b1e3ad48c531b9cd02b0f5b6db2bbd0b182e5389a4f
e1056ba71e3fcb9898b0cd94af69bdb9f4ce94cca79fd0ac2a1ec1a4d505523a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1ea771281329c3dcd7de50cab950d520d6b41609f156ba7aef7fc09d42e3dca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e84da0afbc1e6aa9ec7da80390fde1a46ed6d4a3df9287985dd4bd1a3e41905a
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

jeonews.xyz Open in urlscan Pro 192.64.117.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

92 %HTTPS

47 %IPv6

30 Domains

36 Subdomains

23 IPs

10 Countries

2755 kBTransfer

7554 kBSize

35 Cookies

3 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jeonews.xyz Open in urlscan Pro
192.64.117.79 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

92 %
HTTPS

47 %
IPv6

30
Domains

36
Subdomains

23
IPs

10
Countries

2755 kB
Transfer

7554 kB
Size

35
Cookies

188 HTTP transactions
15 data transactions