urlscan.io logo urlscan.io
SecurityTrails logo

devilsmegistrate.com Open in urlscan Pro
134.119.218.58  Public Scan

Go To Rescan Add Verdict Report
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Submission: On July 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 9 countries across 27 domains to perform 150 HTTP transactions. The main IP is 134.119.218.58, located in Ascension Island and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is devilsmegistrate.com.
This is the only time devilsmegistrate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 134.119.218.58 29066 (VELIANET-...)
11 192.0.77.37 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
1 192.243.59.13 39572 (ADVANCEDH...)
15 192.0.77.2 2635 (AUTOMATTIC)
1 1 74.208.183.175 8560 (IONOS-AS ...)
1 18.66.122.43 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 142.250.186.66 15169 (GOOGLE)
1 147.75.85.234 54825 (PACKET)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.231.128.63 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
5 142.250.186.130 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.2.150 44788 (ASN-CRITE...)
150 35
34    134.119.218.58 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: eu02.mafiaserver.com
devilsmegistrate.com
11    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.hooliganmedia.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
callprintingdetailed.com
15    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    74.208.183.175 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail09.feedblitz.com
rssfeeds.usatoday.com
1    18.66.122.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-43.fra60.r.cloudfront.net
assets.feedblitzstatic.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
19    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    34.231.128.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-128-63.compute-1.amazonaws.com
1x1.a-mo.net
2    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
7    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3602:80b2:ded:f09c:81b2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
Apex Domain
Subdomains		 Transfer
34 devilsmegistrate.com
devilsmegistrate.com
577 KB
28 wp.com
c0.wp.com — Cisco Umbrella Rank: 6974
i0.wp.com — Cisco Umbrella Rank: 3319
stats.wp.com — Cisco Umbrella Rank: 2694
pixel.wp.com — Cisco Umbrella Rank: 2487
191 KB
26 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
355 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
266 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
80 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
227 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 92
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1220
1x1.a-mo.net — Cisco Umbrella Rank: 3573
31 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 2733
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
179 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4852
651 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8758
45 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
85 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
577 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
459 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
1 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
539 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2942
104 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
426 B
1 feedblitzstatic.com
assets.feedblitzstatic.com — Cisco Umbrella Rank: 144853
691 B
1 usatoday.com
rssfeeds.usatoday.com — Cisco Umbrella Rank: 224796
369 B
1 callprintingdetailed.com
callprintingdetailed.com
1 hooliganmedia.com
cdn.hooliganmedia.com — Cisco Umbrella Rank: 330150
191 KB
150 27
Domain Requested by
34 devilsmegistrate.com devilsmegistrate.com
c0.wp.com
18 securepubads.g.doubleclick.net cdn.hooliganmedia.com
securepubads.g.doubleclick.net
devilsmegistrate.com
15 i0.wp.com devilsmegistrate.com
11 c0.wp.com devilsmegistrate.com
8 static.criteo.net ads.eu.criteo.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
devilsmegistrate.com
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
5 cm.g.doubleclick.net 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 pagead2.googlesyndication.com devilsmegistrate.com
pagead2.googlesyndication.com
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
www.googletagservices.com
3 1x1.a-mo.net devilsmegistrate.com
3 www.gstatic.com www.google.com
securepubads.g.doubleclick.net
3 www.google.com devilsmegistrate.com
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
3 www.googletagmanager.com devilsmegistrate.com
www.googletagmanager.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 d5p.de17a.com 2 redirects
2 www.googletagservices.com devilsmegistrate.com
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
2 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com devilsmegistrate.com
securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 s0.2mdn.net 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
1 ads.eu.criteo.com 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.wp.com devilsmegistrate.com
1 prebid.a-mo.net cdn.hooliganmedia.com
1 stats.wp.com devilsmegistrate.com
1 assets.feedblitzstatic.com devilsmegistrate.com
1 rssfeeds.usatoday.com 1 redirects
1 callprintingdetailed.com devilsmegistrate.com
1 cdn.hooliganmedia.com devilsmegistrate.com
150 42

This site contains links to these domains. Also see Links.

Domain
support.google.com
Subject Issuer Validity Valid
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
hooliganmedia.com
E1		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
devilsmegistrate.com
R3		 2022-07-01 -
2022-09-29		 3 months crt.sh
*.a-mo.net
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Frame ID: DED467C8E438EE32EA70A66F8E40FFC5
Requests: 112 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/zrt_lookup.html
Frame ID: 8EB05926E34F53B11F8D3FAB3D0E7A18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8258128902181091&output=html&adk=1812271804&adf=3025194257&lmt=1657468707&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1657468707549&bpp=2&bdt=316&idt=219&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=166089645132&frm=20&pv=2&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068196%2C31068347%2C42531606&oid=2&pvsid=118034525228286&tmod=1035174441&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=236
Frame ID: 70D843E6B835907EDEFC3CA680522060
Requests: 1 HTTP requests in this frame

Frame: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 375F04209B5F15F4CB3CEEA762A3561D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js
Frame ID: 52753EBB9731A10CB6F2C57F59AA3C06
Requests: 8 HTTP requests in this frame

Frame: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 284E7AEB1C76A77EAC96614F9E9ED7EA
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Frame ID: 7649F76CCFD891979692F2E261A2EA86
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 658E6A941DF1CD28876A11A90FC38097
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

150
Requests

68 %
HTTPS

56 %
IPv6

27
Domains

42
Subdomains

35
IPs

9
Countries

2259 kB
Transfer

5366 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • http://rssfeeds.usatoday.com/~/i/702184862/0/usatodaycomnation-topstories HTTP 301
  • https://assets.feedblitzstatic.com/images/blank.gif
Request Chain 130
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 131
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAAf-WV3e_efw3hrkmWPQO8&google_cver=1&google_push=AehlK4DFc918EqaEC4ADoBSFFT6UR6AyQpJmIFRFuUYO-TYFCJwsAhayaVzDkZ2HXtCLBhGMf4WytHvsjPEYjqogwJ1U7RzKRpMIUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAAf-WV3e_efw3hrkmWPQO8&google_push=AehlK4DFc918EqaEC4ADoBSFFT6UR6AyQpJmIFRFuUYO-TYFCJwsAhayaVzDkZ2HXtCLBhGMf4WytHvsjPEYjqogwJ1U7RzKRpMIUw
Request Chain 132
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIA-qf4SBq2EUJimZGtpQgQ&google_cver=1&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj00YcK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj00YcK&google_hm=Njc4NDE3MDU1OTM3MDM4NzYzNg%3D%3D
Request Chain 133
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDEvFbtdIL6vdNKq6A9SZBk&google_cver=1&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDEvFbtdIL6vdNKq6A9SZBk&google_cver=1&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg
Request Chain 134
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPzgeWkUYvvC0fhrpEWFFME&google_cver=1&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKqK2xdHuNxk2QK4KAK5XLO-7DSiBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVGSTJPUDEtNS1IMlNS&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKqK2xdHuNxk2QK4KAK5XLO-7DSiBw

150 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/ 		111 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
ccd03add580b3e19526b7e49a99da27c39163f79cda9e5af3e33e7af0754da22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Jul 2022 15:58:27 GMT
Link
<https://devilsmegistrate.com/wp-json/>; rel="https://api.w.org/" <https://devilsmegistrate.com/wp-json/wp/v2/posts/17163>; rel="alternate"; type="application/json" <https://devilsmegistrate.com/?p=17163>; rel=shortlink
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Pingback
http://devilsmegistrate.com/xmlrpc.php
style.min.css
c0.wp.com/c/6.0/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Tue, 17 May 2022 15:43:41 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.0/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.0/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
wp-automatic.css
devilsmegistrate.com/wp-content/plugins/wp-automatic/css/ 		3 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Sep 2018 15:06:40 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
655
Expires
Sun, 17 Jul 2022 15:58:27 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto%3A500%2C700%2C400%7CSpartan%3A400%2C500%2C600%2C700%2C600&display=fallback&ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea06c516f8f6d4dde9e506f6000b01e0fa49f85c474d866dc8bf633b537f65ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 10 Jul 2022 15:58:27 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sun, 10 Jul 2022 15:58:27 GMT
bootstrap.min.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		160 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/bootstrap.min.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23857
Expires
Sun, 17 Jul 2022 15:58:27 GMT
flaticon.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/fonts/flaticon-neeon/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/fonts/flaticon-neeon/flaticon.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
acca001c72f00dff3bbc3aa9ca573dcd31affcad0835b4287f381638a33ea2e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
741
Expires
Sun, 17 Jul 2022 15:58:27 GMT
magnific-popup.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/magnific-popup.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1811
Expires
Sun, 17 Jul 2022 15:58:27 GMT
font-awesome.min.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
f479c8026856fbe9aebc9234a1322f9eb81796a312b3c45944c4329f1fdbc52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12406
Expires
Sun, 17 Jul 2022 15:58:27 GMT
animate.min.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		59 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/animate.min.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
f1abdca5fe9f3f60172deab5407c43988d83db6845259fd67069806cd2084ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3762
Expires
Sun, 17 Jul 2022 15:58:27 GMT
default.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/default.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
4910fbc6161296e74d710cda65e9178e33e3a38af92e7f8c54a3dae3866a01ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3400
Expires
Sun, 17 Jul 2022 15:58:27 GMT
elementor.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		100 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/elementor.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
ed71b194f2def5b8e4d455829aa47fe19c747378c9980c9c72a0ef9ad724f2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 06:43:24 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12070
Expires
Sun, 17 Jul 2022 15:58:27 GMT
style.css
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/ 		241 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/style.css?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
3f2c3886d6f704749a12a2312912e39b2ab4fb2885a3f21260eb8172dbc56c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 06:43:18 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36752
Expires
Sun, 17 Jul 2022 15:58:27 GMT
app.min.css
devilsmegistrate.com/wp-content/plugins/review-schema/assets/css/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/review-schema/assets/css/app.min.css?ver=1.1.14
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
897676a3130fc9eef66b6c451abb62a856fac858a39adcf08efec3e85883ad7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jul 2022 15:37:06 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6723
Expires
Sun, 17 Jul 2022 15:58:27 GMT
wp-emoji-release.min.js
devilsmegistrate.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Apr 2022 09:26:24 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5021
Expires
Sun, 17 Jul 2022 15:58:27 GMT
jetpack.css
c0.wp.com/p/jetpack/11.1/css/ 		84 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.1/css/jetpack.css
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Tue, 14 Jun 2022 17:23:51 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
related-posts.min.js
c0.wp.com/p/jetpack/11.1/_inc/build/related-posts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.1/_inc/build/related-posts/related-posts.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
jquery.min.js
c0.wp.com/c/6.0/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/jquery/jquery.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
jquery-migrate.min.js
c0.wp.com/c/6.0/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
main-front.js
devilsmegistrate.com/wp-content/plugins/wp-automatic/js/ 		1017 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.0
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jan 2020 12:09:46 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
382
Expires
Sun, 17 Jul 2022 15:58:27 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-204880487-1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f614659fe55c7a05d504c699168beedd3e5ed280f9d0eb46e76ad1adeb13637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41357
x-xss-protection
0
expires
Sun, 10 Jul 2022 15:58:27 GMT
api.js
www.google.com/recaptcha/ 		850 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=admin&ver=6.0
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Sun, 10 Jul 2022 15:58:27 GMT
hmads0.js
cdn.hooliganmedia.com/ 		191 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hooliganmedia.com/hmads0.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
292133e4193d2c14dd01d0328e010385d0f5f7ed42cda78a9d7b4207a0c10d91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Connection
Keep-Alive
Last-Modified
Sun, 08 May 2022 19:06:17 GMT
x-amz-request-id
tx000000000000115d716f2-0062caefe5-319b94c5-nyc3c
etag
"3b8e01be0809d7c7a4d5192411d2d5a6"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1657468707.dop246.fr8.t,1657468707.cds123.fr8.shn,1657468707.dop246.fr8.t,1657468707.cds148.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=1746
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
195340
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8258128902181091
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f47f3a9f9a598a15bdd9d99ed47f5556e4775c2321201b7906df741d19898faa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56440
x-xss-protection
0
server
cafe
etag
7422884581013681791
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Jul 2022 15:58:27 GMT
invoke.js
callprintingdetailed.com/637ad64c78195553d0f108a6c9f558b3/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://callprintingdetailed.com/637ad64c78195553d0f108a6c9f558b3/invoke.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:28 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
usatodaycomnation-topstories.gif
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/07/ 		37 B
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/07/usatodaycomnation-topstories.gif?resize=1%2C1&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
385080d94464e3fc57811ac0dba98da7b17373fb8d13b59c069b221dc9d1dc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
content-type
text/html; charset=utf-8
blank.gif
assets.feedblitzstatic.com/images/
Redirect Chain
  • http://rssfeeds.usatoday.com/~/i/702184862/0/usatodaycomnation-topstories
  • https://assets.feedblitzstatic.com/images/blank.gif
43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.feedblitzstatic.com/images/blank.gif
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Server
18.66.122.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-key
images/blank.gif
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
age
820973
x-cache
Hit from cloudfront
x-amz-meta-id
382b969a55524a1b465f34b2ca00ec47a045e677aadbda2cb29f4d682daa649f
x-amz-meta-md5-hash
fc94fb0c3ed8a8f909dbc7630a0987ff
content-length
43
x-amz-meta-bucketexplorer-sha1
56d45f8a17f5078a20af9962c992ca4678450765
x-amz-meta-etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
last-modified
Fri, 05 Feb 2021 13:57:36 GMT
server
AmazonS3
x-amz-meta-bucketexplorer-md5
fc94fb0c3ed8a8f909dbc7630a0987ff
date
Fri, 01 Jul 2022 03:55:35 GMT
content-type
image/gif
x-amz-meta-bucket
assets.feedblitz.com
cache-control
public, max-age=864000, immutable
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
qZJMEJ9ybgtDtcvynEjvUdiRE5puK_UedsftQAeEpbw5UV5lnFTp3Q==

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
Location
https://assets.feedblitzstatic.com/images/blank.gif
Date
Sun, 10 Jul 2022 15:58:27 GMT
X-Frame-Options
sameorigin
Access-Control-Allow-Origin
*
Content-Length
1
X-XSS-Protection
1
fblike20.png
i0.wp.com/assets.feedblitz.com/i/ 		540 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.feedblitz.com/i/fblike20.png?fit=1200%2C20&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f888b3f61e3e3e0f8de9131953ecba9ae0b55c199cb81131892536ddaec954ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
etag
"4d78a6bf1284af63"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.feedblitz.com/i/fblike20.png>; rel="canonical"
content-length
540
expires
Wed, 10 Jul 2024 03:58:27 GMT
pinterest20.png
i0.wp.com/assets.feedblitz.com/i/ 		720 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.feedblitz.com/i/pinterest20.png?fit=1200%2C20&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
05e4aaf7f4d6cedd0ae0f50bdf701da818331c6816409ed2d43ed3dc3fedb511
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
etag
"759db4a9709958b5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.feedblitz.com/i/pinterest20.png>; rel="canonical"
content-length
720
expires
Wed, 10 Jul 2024 03:58:27 GMT
twitter20.png
i0.wp.com/assets.feedblitz.com/i/ 		246 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.feedblitz.com/i/twitter20.png?fit=1200%2C20&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e889243ce815e1a40d7e5f27c2002f5f890b53d2e0ad314245d7aa683aa81331
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
etag
"3e9dc7faf6d21210"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.feedblitz.com/i/twitter20.png>; rel="canonical"
content-length
246
expires
Wed, 10 Jul 2024 03:58:27 GMT
email20.png
i0.wp.com/assets.feedblitz.com/i/ 		318 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.feedblitz.com/i/email20.png?fit=1200%2C20&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
45666d0fdb45f7d5c23be3f00e161ff4c9ee4931c2b4f3ced0393103c2714a46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
etag
"9c1a2e5de2a5ba31"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.feedblitz.com/i/email20.png>; rel="canonical"
content-length
318
expires
Wed, 10 Jul 2024 03:58:27 GMT
rss20.png
i0.wp.com/assets.feedblitz.com/i/ 		286 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.feedblitz.com/i/rss20.png?fit=1200%2C20&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
339dae57e950f06ef9dc0397d531592d2750201081628098edc30f70897f32bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jul 2022 15:58:27 GMT
server
nginx
etag
"93bc881eeb5ae770"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.feedblitz.com/i/rss20.png>; rel="canonical"
content-length
286
expires
Wed, 10 Jul 2024 03:58:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=admin&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 13:51:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A500%2C700%2C400%7CSpartan%3A400%2C500%2C600%2C700%2C600&display=fallback&ver=1.9
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 08:44:44 GMT
X-Content-Type-Options
nosniff
Age
371623
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15744
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:48 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 06 Jul 2023 08:44:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A500%2C700%2C400%7CSpartan%3A400%2C500%2C600%2C700%2C600&display=fallback&ver=1.9
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 14:37:23 GMT
X-Content-Type-Options
nosniff
Age
523264
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15860
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:42 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 04 Jul 2023 14:37:23 GMT
l7gfbjR61M69yt8Z2QKtlA.woff2
fonts.gstatic.com/s/spartan/v13/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/spartan/v13/l7gfbjR61M69yt8Z2QKtlA.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A500%2C700%2C400%7CSpartan%3A400%2C500%2C600%2C700%2C600&display=fallback&ver=1.9
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dafee94503045e0635357203c66c770f22c02fecdcc26a657ef64789a30a4615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 07 Jul 2022 08:21:54 GMT
X-Content-Type-Options
nosniff
Age
286593
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
31940
X-XSS-Protection
0
Last-Modified
Wed, 27 Apr 2022 16:20:33 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 07 Jul 2023 08:21:54 GMT
/
devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Pingback
http://devilsmegistrate.com/xmlrpc.php
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
Keep-Alive
Link
<https://devilsmegistrate.com/wp-json/>; rel="https://api.w.org/", <https://devilsmegistrate.com/wp-json/wp/v2/posts/17163>; rel="alternate"; type="application/json", <https://devilsmegistrate.com/?p=17163>; rel=shortlink
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto%3A500%2C700%2C400%7CSpartan%3A400%2C500%2C600%2C700%2C600&display=fallback&ver=1.9
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 15:23:38 GMT
X-Content-Type-Options
nosniff
Age
520489
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15920
X-XSS-Protection
0
Last-Modified
Wed, 11 May 2022 19:24:45 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 04 Jul 2023 15:23:38 GMT
fa-regular-400.woff2
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/fa-regular-400.woff2
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
021f51aca02ae25bb5e5c28b95ddc2a8149042820c843ded9099ff9e45b68c5c

Request headers

Referer
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Content-Type
font/woff2
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13588
Expires
Sun, 17 Jul 2022 15:58:27 GMT
fa-solid-900.woff2
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/fa-solid-900.woff2
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
15809710190c5c2edbf07f0db683ade85fb801f8ff08a2dbb93eea9d0d4e6df2

Request headers

Referer
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Content-Type
font/woff2
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
79464
Expires
Sun, 17 Jul 2022 15:58:27 GMT
fa-brands-400.woff2
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/webfonts/fa-brands-400.woff2
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
cb3c124e6b9a35586f2eb1b20be4074dbca4d821bf52f7ad69e87981ef99a8fd

Request headers

Referer
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/font-awesome.min.css?ver=1.9
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Content-Type
font/woff2
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
76576
Expires
Sun, 17 Jul 2022 15:58:27 GMT
fontello.woff2
devilsmegistrate.com/wp-content/plugins/review-schema/assets/vendor/fontello/font/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/review-schema/assets/vendor/fontello/font/fontello.woff2?29669474
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/wp-content/plugins/review-schema/assets/css/app.min.css?ver=1.1.14
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
af827cb1d419feb5c3b75812447bf6470685e5bd59d1a2935eed6149b5e97edc

Request headers

Referer
http://devilsmegistrate.com/wp-content/plugins/review-schema/assets/css/app.min.css?ver=1.1.14
Origin
http://devilsmegistrate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Last-Modified
Wed, 06 Jul 2022 15:37:06 GMT
Content-Type
font/woff2
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5792
Expires
Sun, 17 Jul 2022 15:58:27 GMT
blog_65.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/blog_65.jpg?resize=200%2C200&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
acd541287ed9a2fff64ea60a7af0840a8b33a8744791b06629ae0ee294cd9258
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:39 GMT
server
nginx
etag
"202e1d433bd10486"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/blog_65.jpg>; rel="canonical"
content-length
10126
expires
Sat, 06 Jul 2024 17:02:39 GMT
blog_15.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/blog_15.jpg?resize=200%2C200&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ab2517565e5aafaec8dffd0154a8a871a76fab478c96e680fad255da70021cc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"a552cff30585e56e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/blog_15.jpg>; rel="canonical"
content-length
3752
expires
Sat, 06 Jul 2024 17:02:40 GMT
blog_60.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/blog_60.jpg?resize=200%2C200&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
65ae2d65f6bfe0fd7f2237987117b2787a96aba18ea01899f1772cc6c13231a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"2df2f5ebc0da5501"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/blog_60.jpg>; rel="canonical"
content-length
5218
expires
Sat, 06 Jul 2024 17:02:40 GMT
logo-light.svg
devilsmegistrate.com/wp-content/uploads/2022/01/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://devilsmegistrate.com/wp-content/uploads/2022/01/logo-light.svg
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
afbdbdc58ead3db9e55aae52e9657702d714c161462ab1bee59386b5ce183845

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 15:57:14 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
1752
expires
Sun, 17 Jul 2022 15:58:27 GMT
fluent-forms-public.css
devilsmegistrate.com/wp-content/plugins/fluentform/public/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/fluentform/public/css/fluent-forms-public.css?ver=4.3.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
3490df652bcc0a9bb52f17f61b66a6ed00f85f87a7eeac6f6fa209f868d15a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jul 2022 15:37:11 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2184
Expires
Sun, 17 Jul 2022 15:58:27 GMT
fluentform-public-default.css
devilsmegistrate.com/wp-content/plugins/fluentform/public/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/fluentform/public/css/fluentform-public-default.css?ver=4.3.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
3182ce7ea730f9b4d4e451e6f8e4e8e3c72eb0573d19f21e1c66ed3cad9762df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jul 2022 15:37:11 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3702
Expires
Sun, 17 Jul 2022 15:58:27 GMT
photon.min.js
c0.wp.com/p/jetpack/11.1/_inc/build/photon/ 		685 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/11.1/_inc/build/photon/photon.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Tue, 07 Dec 2021 16:56:47 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
bootstrap.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/bootstrap.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16337
Expires
Sun, 17 Jul 2022 15:58:27 GMT
comment-reply.min.js
c0.wp.com/c/6.0/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/comment-reply.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
jquery.ticker.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/jquery.ticker.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
f5f29de90892dccd475df9c48619e1521eb37dcd91b3d95ecb859ff53890c161

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 06:40:38 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2594
Expires
Sun, 17 Jul 2022 15:58:27 GMT
theia-sticky-sidebar.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/theia-sticky-sidebar.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
becf800888dc4f3093e57c79a983953d38b9a21ec330fa02cb585f96eb923eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1745
Expires
Sun, 17 Jul 2022 15:58:27 GMT
jquery.magnific-popup.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/jquery.magnific-popup.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7379
Expires
Sun, 17 Jul 2022 15:58:27 GMT
wow.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/wow.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
0e758efeef1e7112e28bb08bbecb891bfda1a89c9ff4da69a09259418dd7d7ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2200
Expires
Sun, 17 Jul 2022 15:58:27 GMT
rt-parallax.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		2 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/rt-parallax.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
e0bf568dffb7867df64321aaa31d0a2d3800854b84976157852414accf394693

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
644
Expires
Sun, 17 Jul 2022 15:58:27 GMT
isotope.pkgd.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/isotope.pkgd.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9855
Expires
Sun, 17 Jul 2022 15:58:27 GMT
swiper.min.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		142 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/swiper.min.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
515b83580607a0740411c249a43b9a699a352def59e5833692f88dfc0c82fffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38722
Expires
Sun, 17 Jul 2022 15:58:27 GMT
imagesloaded.min.js
c0.wp.com/c/6.0/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/imagesloaded.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
masonry.min.js
c0.wp.com/c/6.0/wp-includes/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.0/wp-includes/js/masonry.min.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 10 Jul 2023 15:58:27 GMT
main.js
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/ 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/js/main.js?ver=1.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
43bb10504c90086d2f6bd803a8c6fa46de7e75f5482532901d9f47ff9c5887b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 05:54:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7251
Expires
Sun, 17 Jul 2022 15:58:27 GMT
app.min.js
devilsmegistrate.com/wp-content/plugins/review-schema/assets/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/review-schema/assets/js/app.min.js?ver=1.1.14
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
86833c890770dcd3731d14ddc03e5868bb0e46ba63d2e1adcf1dbbbb78f5cde9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jul 2022 15:37:06 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5530
Expires
Sun, 17 Jul 2022 15:58:27 GMT
post-banner_1.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/post-banner_1.jpg?fit=311%2C332&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
b4140075de18e3bc7b02612effe70804d201e20563821ee585f3c196738e1189
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:41 GMT
server
nginx
etag
"97f703dc8acf3d0b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/post-banner_1.jpg>; rel="canonical"
content-length
9478
expires
Sat, 06 Jul 2024 17:02:41 GMT
element_5.png
devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/element/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/element/element_5.png
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/style.css?ver=1.9
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
aed43a53a74b4ff28967a97854805f95becd066f90a08906575cbd822b3c5d15

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/wp-content/themes/neeon%20v1.9%20Nulled/assets/css/style.css?ver=1.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Last-Modified
Fri, 28 Jan 2022 08:14:32 GMT
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
77540
Expires
Sun, 17 Jul 2022 15:58:27 GMT
action.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/action.jpg?w=310&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1b27f281088ec70d82e91bc2bf9c6d6d13a40eb22f7edfca63150b7d49c8e317
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"8a08b51af92a291c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/action.jpg>; rel="canonical"
content-length
6526
expires
Sat, 06 Jul 2024 17:02:40 GMT
photography_05.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/03/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/03/photography_05.jpg?resize=551%2C431&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f157a43967dbdd8b0521119ee525583c202eeb09e0196ae54f071e8581914b9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"a8bd4658e2b5f75d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2022/03/photography_05.jpg>; rel="canonical"
content-length
20718
expires
Sat, 06 Jul 2024 17:02:40 GMT
travel.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2021/12/travel.jpg?w=310&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
35f0a3a75733e6708a2c1f87d93a51e79ab0978e7f479d53d4ea3ebd29ca66cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"07213099a8b29e33"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2021/12/travel.jpg>; rel="canonical"
content-length
6230
expires
Sat, 06 Jul 2024 17:02:40 GMT
animal_01.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/03/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/03/animal_01.jpg?resize=551%2C431&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
7b6be334de5db27151ba531725b2cc3d4308523239266e8d95ee80083e3b566b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"dd4664737d499f08"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2022/03/animal_01.jpg>; rel="canonical"
content-length
28090
expires
Sat, 06 Jul 2024 17:02:40 GMT
automotive_06.jpg
i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/06/automotive_06.jpg?resize=551%2C431&ssl=1
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
49568f06e705a9696fb478ebbd6e1238e810b5ca3852c21beda23ad038b99ee6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 05:02:40 GMT
server
nginx
etag
"d6393c259d93c4d8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://devilsmegistrate.com/wp-content/uploads/2022/06/automotive_06.jpg>; rel="canonical"
content-length
20816
expires
Sat, 06 Jul 2024 17:02:40 GMT
form-submission.js
devilsmegistrate.com/wp-content/plugins/fluentform/public/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/wp-content/plugins/fluentform/public/js/form-submission.js?ver=4.3.9
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
9b51edd6aa119f10aa09d9d0a9619bfaa5c3f10cd12c8686a64870cd0d697a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jul 2022 15:37:12 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5781
Expires
Sun, 17 Jul 2022 15:58:27 GMT
e-202227.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202227.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 26 Jun 2023 00:37:21 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1C2JX5PEEE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204880487-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d78d86dcdbb92b27e91c7c29f7a88b1ac909343af5975ea8b0f00895eda6886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70539
x-xss-protection
0
expires
Sun, 10 Jul 2022 15:58:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204880487-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3739
date
Sun, 10 Jul 2022 14:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 10 Jul 2022 16:56:08 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S256736YV6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204880487-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e3bce2d6a6fa633474f8b2da84e554a28ef305e864c1a5cca07644a5b8fb370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70535
x-xss-protection
0
expires
Sun, 10 Jul 2022 15:58:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/ 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8258128902181091&plah=devilsmegistrate.com&bust=31068347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8258128902181091
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1110cb09c07dfcbbf660e7587c251b46b9060503a840f74dc5c9a48ae7ecc587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122296
x-xss-protection
0
server
cafe
etag
716852515074838855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Jul 2022 15:58:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/ Frame 8EB0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8258128902181091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Jul 2022 20:31:51 GMT
etag
10429905676100781186
expires
Sat, 23 Jul 2022 20:31:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28091
x-xss-protection
0
server
sffe
etag
"1269 / 937 of 1000 / last-modified: 1657317992"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Jul 2022 15:58:27 GMT
c
prebid.a-mo.net/a/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.hooliganmedia.com
URL: https://cdn.hooliganmedia.com/hmads0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4abd81dd791db3f9b00186012cccaeba6675df13d88a098c8779a14a9c6f8e59

Request headers

Referer
http://devilsmegistrate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
137
content-length
30897
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1C2JX5PEEE&gtm=2oe6t0&_p=1726030125&_z=ccd.v9B&cid=895346896.1657468708&ul=en-us&sr=1600x1200&_s=1&sid=1657468707&sct=1&seg=0&dl=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&dt=Sri%20Lanka%20protesters%20storm%20president%27s%20workplace%20-%20Devil%27s%20Megistrate&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1C2JX5PEEE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S256736YV6&gtm=2oe6t0&_p=1726030125&_z=ccd.v9B&gdid=dZTNiMT&cid=895346896.1657468708&ul=en-us&sr=1600x1200&_s=1&sid=1657468707&sct=1&seg=0&dl=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&dt=Sri%20Lanka%20protesters%20storm%20president%27s%20workplace%20-%20Devil%27s%20Megistrate&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S256736YV6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A11.1&blog=200497823&post=17163&tz=0&srv=devilsmegistrate.com&host=devilsmegistrate.com&ref=&fcp=524&rand=0.8895495585022988
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 10 Jul 2022 15:58:27 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
/
devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/?relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/11.1/_inc/build/related-posts/related-posts.min.js
Protocol
HTTP/1.1
Server
134.119.218.58 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
eu02.mafiaserver.com
Software
/
Resource Hash
a2cdbd1526124814ec0dc743063903e2abfdb043a16c36603e9beda7ff0361db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Pingback
http://devilsmegistrate.com/xmlrpc.php
Content-Type
application/json; charset=utf-8
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1099
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1726030125&t=pageview&_s=1&dl=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&ul=en-us&de=UTF-8&dt=Sri%20Lanka%20protesters%20storm%20president%27s%20workplace%20-%20Devil%27s%20Megistrate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1511750949&gjid=2030944151&cid=895346896.1657468708&tid=UA-204880487-1&_gid=1714821067.1657468708&_r=1&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=2011268335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://devilsmegistrate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		224 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=devilsmegistrate.com&callback=_gfp_s_&client=ca-pub-8258128902181091
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8258128902181091&plah=devilsmegistrate.com&bust=31068347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
02fe6be49f31a8cdec076e42e94a358a0b9da9c12a92e12e973607bfe5f82275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=devilsmegistrate.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8258128902181091&plah=devilsmegistrate.com&bust=31068347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=devilsmegistrate.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8258128902181091&plah=devilsmegistrate.com&bust=31068347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 70D8 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8258128902181091&output=html&adk=1812271804&adf=3025194257&lmt=1657468707&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1657468707549&bpp=2&bdt=316&idt=219&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=166089645132&frm=20&pv=2&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068196%2C31068347%2C42531606&oid=2&pvsid=118034525228286&tmod=1035174441&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=236
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8258128902181091&plah=devilsmegistrate.com&bust=31068347
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 15:58:27 GMT
expires
Sun, 10 Jul 2022 15:58:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022063001.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130816
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jul 2023 13:36:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		42 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=devilsmegistrate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47e80e07c5bd39a411df97024f5ace6823ebe96aabe08571ec3b89b6df4e96f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56
x-xss-protection
0
expires
Sun, 10 Jul 2022 15:58:27 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-204880487-1&cid=895346896.1657468708&jid=1511750949&gjid=2030944151&_gid=1714821067.1657468708&_u=YCDACUAABAAAAC~&z=1699424396
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://devilsmegistrate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Jul 2022 15:58:27 GMT
content-type
text/plain
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbst
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=728&h=90&bid=12fe17a5ebe4b69&c1=banner&np=0.02754&aud=10a535480f9edaa&a=hm-leaderboard-1&c2=hb_bidder%3Damx%26hb_adid%3D12fe17a5ebe4b69%26hb_pb%3D0.02%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dbusinessinfoline.com&ts=1657468707932&eid=16c647bc47be509
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.128.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-128-63.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
g_pbst
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=120&h=600&bid=13c5a249e1fc6f&c1=banner&np=0.0024225&aud=4a09d6ef96744d&a=hm-skyscraper-1&c2=hb_bidder%3Damx%26hb_adid%3D13c5a249e1fc6f%26hb_pb%3D0.00%26hb_size%3D120x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dhttp%253A%252F%252Fsponsored.360topics.com&ts=1657468707932&eid=17857e82fe61062
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.128.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-128-63.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
g_pbst
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=120&h=600&bid=1400c2ec76ee3b2&c1=banner&np=0.0029068&aud=547ee3c1a04c5e&a=hm-skyscraper-2&c2=hb_bidder%3Damx%26hb_adid%3D1400c2ec76ee3b2%26hb_pb%3D0.00%26hb_size%3D120x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dhttp%253A%252F%252Fsponsored.360topics.com&ts=1657468707932&eid=18c392a5015774
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.128.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-128-63.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=devilsmegistrate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=devilsmegistrate.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=2603832819512012&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Chm-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1874771964&sfv=1-0-38&ecs=20220710&ists=1&fas=8&fsapi=false&prev_scp=pos%3Dinterstitial&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707960&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
237deb9a33eceb8bd76eda1721c728ddf25f9a21161fee10ac9b2e3b7901de55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28513
x-xss-protection
0
google-lineitem-id
5992788937
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138389561865
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Chm-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=2830129390&sfv=1-0-38&ecs=20220710&ists=1&fas=2&fsapi=false&prev_scp=pos%3Danchor-top&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707962&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
289a5dcdc17002533954d460c11c55d14b6e3e08eeb275cfc9fd65eac202be44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14703
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=4&adks=1904800462&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dbillboard-1&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707963&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
98cc50fcb84b9e97532ae78748485d306e2215caaa963c4e04fdb3a93ab82ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11504
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=5&adks=4162055255&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dbillboard-2&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707965&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3d39a57111b92ea63ded28af171b7552ba3ab9ba814f99cc2747493d8c24254c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11145
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cbillboard-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=6&adks=2141707104&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dbillboard-3&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707966&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d509a2a2e58960adc7be6d853e2c3c740d3ac2b9b282e515be00885830e0ade4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11465
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=7&adks=930618674&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dskyscraper-1%26hb_format_amx%3Dbanner%26hb_size_amx%3D120x600%26hb_pb_amx%3D0.00%26hb_adid_amx%3D13c5a249e1fc6f%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D120x600%26hb_pb%3D0.00%26hb_adid%3D13c5a249e1fc6f%26hb_bidder%3Damx&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707967&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
611345e159eacd8db03a89ecad81906a974388fcdade00e58b1899b6a14df186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11540
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cskyscraper-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600&ifi=8&adks=1135442077&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dskyscraper-2%26hb_format_amx%3Dbanner%26hb_size_amx%3D120x600%26hb_pb_amx%3D0.00%26hb_adid_amx%3D1400c2ec76ee3b2%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D120x600%26hb_pb%3D0.00%26hb_adid%3D1400c2ec76ee3b2%26hb_bidder%3Damx&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707968&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
cdbfc52bfa5a471b0028be37dd4f5dd1d076fd333e5828dba2a2e7fc21bc00e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11370
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2CMPU-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=9&adks=2469478460&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3DMPU-1&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707971&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4f68be73f2b1bf0c31b603c85a7e48bc7ef73f791600cd59e0c25385e917c09f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11541
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2CMPU-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=10&adks=2809825188&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3DMPU-2&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707973&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6a7d2557d30c5e38693f126eb341ab10f57075b6452dd69122cd64bc537b643d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18436
x-xss-protection
0
google-lineitem-id
5992788937
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138390010723
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2CMPU-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=11&adks=2542882550&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3DMPU-3&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707975&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
34f3542303af5898a6d916ad1aaf2295e0e11721fdb74a4843a5e45366e1fe82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18527
x-xss-protection
0
google-lineitem-id
5992788937
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138390010492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2CMPU-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=12&adks=1584201766&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3DMPU-4&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707976&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
14992b7cb8210999ebdcdb55492a565da398bbaa0f0ba978fd47ff900696272d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11413
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=13&adks=2271901398&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dleaderboard-1%26hb_format_amx%3Dbanner%26hb_size_amx%3D728x90%26hb_pb_amx%3D0.02%26hb_adid_amx%3D12fe17a5ebe4b69%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D12fe17a5ebe4b69%26hb_bidder%3Damx&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707977&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
04abc87e3e433b43fd4504203f3b4578ecc825e4b68ef101dbf1da21e040ee51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11580
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118034525228286&correlator=4368980182999160&eid=44768338%2C31068364%2C42531606&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=115975610%2Cleaderboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=14&adks=3572833128&sfv=1-0-38&ecs=20220710&fsapi=false&prev_scp=pos%3Dleaderboard-2&eri=1&cust_params=site%3Ddevilsmegistrate.com&sc=0&cookie=ID%3D1f891f1e3409ec45-220912fc96d30038%3AT%3D1657468707%3ART%3D1657468707%3AS%3DALNI_MazbxAx_TJZbQJ8wWCr5gn3M0dkdw&abxe=1&dt=1657468707979&lmt=1657468707&dlt=1657468707233&idt=684&biw=1600&bih=1200&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fdevilsmegistrate.com%2Fsri-lanka-protesters-storm-presidents-workplace%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=895346896.1657468708&ga_sid=1657468708&ga_hid=1726030125&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5a6e6478ccea3814184971cfc0d7be55d668f64a5b839f578eeeb779e58fff8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11383
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://devilsmegistrate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 375F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 15:58:28 GMT
expires
Mon, 10 Jul 2023 15:58:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022063001.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022063001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
ebb8e8964b5b86218a37d73f701503ff287126d5573b27c20b654bcb2f5f8044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 13:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13574
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jul 2023 13:10:44 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b634b26205ab0ff64d5ad4d675ce65e3ad48944e8b85a9abd098914ef1704a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 10 Jul 2022 15:58:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 10 Jul 2022 15:58:28 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sun, 10 Jul 2022 15:58:28 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 14:52:49 GMT
x-content-type-options
nosniff
age
3939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 10 Jul 2023 14:52:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:57:41 GMT
x-content-type-options
nosniff
age
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 10 Jul 2023 15:57:41 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 10 Jul 2022 15:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 15:33:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 5275 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 15:56:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 5275 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 15:57:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5275 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43254
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657132091081416"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Jul 2022 15:58:28 GMT
l
www.google.com/ads/measurement/ Frame 5275 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQ51iIHmAysCtcReimJBereVnE23uR44KFjKrBIPZvwq8q0BKwtElpxKVBYLCQidLHjvq2QY2BPUMGOKQCXh1VHShIQ7g
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
4718199968543105182
tpc.googlesyndication.com/simgad/ Frame 5275 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4718199968543105182
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b4e022bfeee7ab6bb0d70be7be40aede2a69e9585329e22472f49c3285238b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 18:07:50 GMT
x-content-type-options
nosniff
age
510638
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50126
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 17:35:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 04 Jul 2023 18:07:50 GMT
truncated
/ Frame 5275 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
143876a84243de6cfc9f6dfc493b3336537d126a6ca9225a1e937fdecbba29b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5275 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSR2vQcJOd1rPZ2F-iHDPZkYldkDcC_7KDJ1bmgpmqGyCCJHCczhOCYkGjx8fVH9qVY6L-VgyPvh4_yPCMXzwV6x4bAP0miMP7BmNnnZVj7oYCVnl76Krf7gz1ZeJ7vujUoo3ONH5a17lElMdaiq37skguC0jxMZ_ERz5OG1DOVq-e3MJNFWa6K2z2eECVWDKOQ5gr7Yo10A0cEK6MFsTjtliIwEwYaeTTe2ReWMo5DNUY04alTTGU3_jelQ6sr3NaQRCFOfPGx1A3oFCaRwoYK-6EbtErUiq7HBlzb1w567KshSnzif4TqehznVwc4JwolENLJD6-9sM&sig=Cg0ArKJSzER6hmOa4JNqEAE&uach_m=[UACH]&adurl=
Requested by
Host: devilsmegistrate.com
URL: http://devilsmegistrate.com/sri-lanka-protesters-storm-presidents-workplace/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Jul 2022 15:58:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
container.html
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 284E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://devilsmegistrate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 15:58:28 GMT
expires
Mon, 10 Jul 2023 15:58:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7649 		128 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a686aadec752876e7ebb0c48140f406fb5f1402593a254fc6e69e62630fb3d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 15:58:28 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=m4sEqggQpyGPmJtxrTEQlj8G_HS3MU11PzRfBUtndp1OoLXyzXW-_4Lfd5UsVdyYR2lcojzJOtTwuapQcoHhTUCq_CCrc9Y2qOjkJ0oToQO98MF-JUoOCQU77_HOk1_T-omwN2Yg_EzMcN8WUGYb1_ndYBpAt1yTuRCqGdDY5TGVawYzUXYVzzQz3cs0BTz1ZnnTK2NacfTeOEPV11zD-0o1VqbhU_ae0Qr67NYu4C1wNVMKBL3Dv0TuQWHzKQrtp6Wbcw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60805650
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 284E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 15:57:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 658E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9136
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 13:26:12 GMT
etag
48472445140208031
expires
Mon, 11 Jul 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 284E 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43254
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657132091081416"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Jul 2022 15:58:28 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 284E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:54:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 15:54:05 GMT
l
www.google.com/ads/measurement/ Frame 284E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE94hBA-02HMT0RbgIVg2lqJh_CnwGAK858-l25EbUeBJD1EmPJU_lk8Duuv_togwyORl2qAFGSsqdphWgFXxtP736_Q
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 284E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 07:46:03 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 658E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHJKmhDIa70TqdQE6rGYCI&google_cver=1&google_push=AehlK4DXv7sjNl8wk7wF0KKeVA_zxc9tQucDfO0eegXOK2GoIKr1ZHcgFU_jwXGHew6VNyJraHS8NysM_NQCGAFtbyBnMSBEMy4kkQ
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 658E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3...
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
728a80469ea3695d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1130
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
728a80455c71695d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENKu6Uy1cd2xgQa9wr9pBrs&google_cver=1&google_push=AehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4D1tyCVIMNyKs12A3LCHxAs-k4fbuMCOiVnmomp3qmxWqWeClWS_CQJRLaPZk78Ekwn3HThF4J-30N9Mo2D5gH_pVVgKo3Y4w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAAf-WV3e_efw3hrkmWPQO8&google_push=AehlK4DFc918EqaEC4ADoBSFFT6UR6AyQpJmIFRFuUYO-TYFCJwsAhayaV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAAf-WV3e_efw3hrkmWPQO8&google_push=AehlK4DFc918EqaEC4ADoBSFFT6UR6AyQpJmIFRFuUYO-TYFCJwsAhayaVzDkZ2HXtCLBhGMf4WytHvsjPEYjqogwJ1U7RzKRpMIUw
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1657468709.695589,VS0,VE89
x-served-by
cache-hhn4045-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAAf-WV3e_efw3hrkmWPQO8&google_push=AehlK4DFc918EqaEC4ADoBSFFT6UR6AyQpJmIFRFuUYO-TYFCJwsAhayaVzDkZ2HXtCLBhGMf4WytHvsjPEYjqogwJ1U7RzKRpMIUw
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIA-qf4SBq2EUJimZGtpQgQ&google_cver=1&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj00YcK&google_hm=Njc4NDE3MDU1OTM3MDM4Nz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj00YcK&google_hm=Njc4NDE3MDU1OTM3MDM4NzYzNg%3D%3D
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Jul 2022 15:58:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DZ1tzRtCwvfNhBSOqu_5fJRHDrFLRLK9txjqrr-PeqNnQLHg2CngO9Tb0YgEV4zjJSMmaRekJlq7G5lUsEpQsZPaj00YcK&google_hm=Njc4NDE3MDU1OTM3MDM4NzYzNg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEDEvFbtdIL6vdNKq6A9SZBk&google_cver=1&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVC...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDEvFbtdIL6vdNKq6A9SZBk&google_cver=1&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWs...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DJqT-Rbn_jBh1Ct3XG9tPyYih_2GUbYI2appyRgB8MQDqrFLqIbZuXWUF-p-GWiMWWBtbE_SSkW-FtuV_q8HQWsVCZa-Gzyg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 658E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPzgeWkUYvvC0fhrpEWFFME&google_cver=1&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVGSTJPUDEtNS1IMlNS&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKqK2xdHuNxk2QK4KAK5XLO-7DSiBw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVGSTJPUDEtNS1IMlNS&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKqK2xdHuNxk2QK4KAK5XLO-7DSiBw
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVGSTJPUDEtNS1IMlNS&google_push=AehlK4AMKu9E5xfC598Z7023arUDH93Ti2vyF8BeI8C-DHChBDMJBjYGKGMIUqgUGAVEDv-ZCKqK2xdHuNxk2QK4KAK5XLO-7DSiBw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
dot.gif
s0.2mdn.net/ Frame 658E 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEN1JrnUqL8gRReHf-5kJJC4&google_cver=1&google_push=AehlK4AnbuiDVQjnklUQ6sO2T4_xiH-lYNkF3c6vSMihBF3bFsPqZGy5JUTXEESZca1o8uunyyLwPabhNt6KYHVJb-lvU1zQa9kxa6w
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Jul 2022 15:58:28 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 658E 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyIgqvbJkiQovzp8tQ_VtT8y5DLVGFph8cYuIvO_VHYxVODJM-lAXiEXbdQYL5dHKU1RBjLQ
Requested by
Host: 548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7649 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7649 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7649 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 05 Jul 2023 15:58:28 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7649 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 05 Jul 2023 15:58:28 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 7649 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=McOQuea-0UWSAN9ZQsG9ukiu7VrGtw8oVFjnZs2lLthEOOAxc1inyEd4dyfyEojJMQfgmuikt-Hby5K0dHHHVKrgg0AvaKWMWH5ZfmrCcw_YgC1SkivXlxOTQPGzLYsFlTkyh4QgKaQBTGomtsmImOq3n1D9MPPjdxNbMcKNxhi6h-bdCLYdWNWvpCzYVhljq55StbbZZ32-u91a00Dyr19peDy7V4U-3KikQtVSz4Ff4CIvdDJ5QLB4XieJzFBOnrqdRSYEgdWPdyAXb61WnxFynfi99t-X6FmcpOWOhPfmgKH4ZUel8EEiLB7r_rQAzNTdiKQ0SYEVyQbw7UmPsKYHVJYZm8SgjXwz3VL99cT7YfF62deZW-kDUCXcoMpw7eMWvjEC8lSNy92dygxIrIPk_CBaxZ2JPAoNuZKeJVRexipXqF-2-hrMrc0JFN-brLXUnOoxTBhW-ATikYGvY97JYbg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:28 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2826754
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7649 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5081598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNnO0Ai8E0tq1xxFVrBLDYfgFQjobHZ4dVjShjpmJVBVFAbC4UPq0mhnku7zFuALhS2fGZDIFCubzognkg6GXXnRY4lK1B0iKbEEBCYdxGGrhZV0JQGre%2Fa%2BpeJ8uDcWd4rMHAlentXBDRcG9iuVraFD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
728a80462897993f-FRA
expires
Fri, 30 Jun 2023 15:58:28 GMT
animejs.js
static.criteo.net/animejs/ Frame 7649 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
all
csm.eu.criteo.net/ Frame 7649 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=m4sEqggQpyGPmJtxrTEQlj8G_HS3MU11PzRfBUtndp1OoLXyzXW-_4Lfd5UsVdyYR2lcojzJOtTwuapQcoHhTUCq_CCrc9Y2qOjkJ0oToQO98MF-JUoOCQU77_HOk1_T-omwN2Yg_EzMcN8WUGYb1_ndYBpAt1yTuRCqGdDY5TGVawYzUXYVzzQz3cs0BTz1ZnnTK2NacfTeOEPV11zD-0o1VqbhU_ae0Qr67NYu4C1wNVMKBL3Dv0TuQWHzKQrtp6Wbcw&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Jul 2022 15:58:27 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7649 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7649 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 7649 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 15:58:28 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 05 Jul 2023 15:58:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5275 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXMlNqIpiynVKEqIfDrJcoo_twgPjN6jAdl3Gncgv30OwGZvpSI3ubn59PPl9alqYChKbBdP9LuXmyL-kS1qJShcR8Pnhw3XcYP8wJfc_CEgopRbEW&sig=Cg0ArKJSzMb6OZhU87x8EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1874771964&rs=4&la=0&cr=0&vs=4&r=v&rst=1657468708224&rpt=184&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://devilsmegistrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 15:58:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 7649 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=m4sEqggQpyGPmJtxrTEQlj8G_HS3MU11PzRfBUtndp1OoLXyzXW-_4Lfd5UsVdyYR2lcojzJOtTwuapQcoHhTUCq_CCrc9Y2qOjkJ0oToQO98MF-JUoOCQU77_HOk1_T-omwN2Yg_EzMcN8WUGYb1_ndYBpAt1yTuRCqGdDY5TGVawYzUXYVzzQz3cs0BTz1ZnnTK2NacfTeOEPV11zD-0o1VqbhU_ae0Qr67NYu4C1wNVMKBL3Dv0TuQWHzKQrtp6Wbcw&sds=2&rev=82042&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ysr3JAADLAAK3oLDAAceCObnGbDGTnI6GLwqDw&u=%7C1HUV5B5dyQZ6rmfkk4nBcFfTPVRgyLW1DkCoBIgZBPY%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdtp4s7G-C5T6HNMWXlFCOWJXNZ-84FJVdhkf79fEaXtweTpiKdP7UM_K0NDSEMLUZtfHgXXziRUxl-RYEzPxUAH3YQywMcHLpdJpdughQVlRlO1ISwP1lE_TYompAsmlqJdftkimQSxtWE-MtlI5R1sw8VX_o23_8Z6EF545g-OxuMfJbLyaEQmTwxEjBq-s-3o3QBi-O6DiW6U6_O6bQzCnOalkKqMBfyf28DH4Fg2sel0yjwBdbblDbuSwB7tR3FFO8FPz-dQjAAZxUVcASpzM_KVuRP6FxZnzJnXaia3Y5eIlAbbIZLvFUltHauHx8kENADv52KOO0Bvb6qmaIk2Nwm54DAk0emLXReDVyEgoQD6WxhMb_XHS7zpO_AZ3yok_r2A9CvuJ1ry2R3wNgTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCatAuJPfKYoDYDMOF-gaIvJzACMme0rFclcmU93DAjbcBEAEgAGCVqoeCmAeCARdjYS1wdWItODQ3Mzc2MzM0MTA1NDk5M6AB1bbS6gPIAQmpAneFHMUHF7E-4AIAqAMBqgTAAk_QXN9kyxqNeP33gkzi3ZOEE9HmVtB44stL0KBax5lmA6rAXKO3134_0nl65-m_si6Hz5sB_2uo-jsOw19kDCWgZngHlMubKFfRFeizXa7rqFzTK2dXJ8I3pvXhbzgxsux2fXdTZmumT62oqO8cb4QR3ycmhKRI6EnPP-dX0Uxx4UvVoVDpxhDzE9eCXAnia92xFy7fBRPQPD5oAA15rhIWRMVhsHQ_Hh7EU5HOhl-j5ClraDMuitKpwox36WAR9FDjCmOjhoXHcPz1kodVHxuWCfhHE7tneKSKzV9Xrls3rXLN2GGme8QKCxRcn3rtoZizdtk6OBMgOqr--18gEhNwwihipS6VLyEu4vhA6Jl0yMdqwT1AeRse0PTo-ZA27BDSFOzAX6SiHVOZen6hd9oSrmTOhY2bsOO1dRaXFyCT4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33X3ynYEGHucfnLVU60paBFa9q3Q%26client%3Dca-pub-8473763341054993%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 10 Jul 2022 15:58:30 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _wpemojiSettings object| related_posts_js_options undefined| $ function| jQuery function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| twemoji object| wp object| fluent_form_ff_form_instance_2_1 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter number| uidEvent object| bootstrap object| recaptcha object| addComment object| interstitialSlot object| anchorSlot undefined| staticSlot string| url string| domain object| scriptEl object| targetEl string| css object| head object| style object| billboard1 object| billboard2 object| billboard3 object| skyscraper1 object| skyscraper2 object| MPU1 object| MPU2 object| MPU3 object| MPU4 object| leaderboard1 object| leaderboard2 number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| pbjs function| initAdserver function| refreshBid object| googletag object| pbjsChunk object| _pbjsGlobals function| WOW function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Swiper function| imagesLoaded object| neeonObj function| neeon_load_content_area_scripts function| neeon_content_load_scripts object| rtrs object| fluentFormVars object| _stq object| gaGlobal function| onYouTubeIframeAPIReady function| st_go function| linktracker_init object| wpcom function| fluentFormrecaptchaSuccessCallback function| ffValidationError object| ff_helper function| fluentFormApp object| gaplugins object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| doc object| goog_vignette_survey object| interstitialAdFrame object| google_llp

12 Cookies

Domain/Path Name / Value
.devilsmegistrate.com/ Name: _ga_1C2JX5PEEE
Value: GS1.1.1657468707.1.0.1657468707.0
.devilsmegistrate.com/ Name: _ga_S256736YV6
Value: GS1.1.1657468707.1.0.1657468707.0
.devilsmegistrate.com/ Name: _ga
Value: GA1.2.895346896.1657468708
.devilsmegistrate.com/ Name: _gid
Value: GA1.2.1714821067.1657468708
.devilsmegistrate.com/ Name: _gat_gtag_UA_204880487_1
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1657468707_1657468707
.devilsmegistrate.com/ Name: __gads
Value: ID=1f891f1e3409ec45:T=1657468707:S=ALNI_MbC3gBqy6cQyI_GUDXHOuwJhc1rfg
.de17a.com/ Name: guid
Value: 1.2202088038810804795
.yahoo.com/ Name: A3
Value: d=AQABBCT3ymICEJcArtpYeYt8reD8H_DYdP0FEgEBAQFIzGLUYgAAAAAA_eMAAA&S=AQAAAv5aL5qLaE_RJvndsq9aZ8k
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ysr3JAAPSXSbpQAo
.tribalfusion.com/ Name: ANON_ID
Value: aFnseFrZcAQ8BqEr73ytygcFOigKyNNMDkZdNcUZaZaTxAxuT7URueYrObH8oKLuWDExEGZay7RUjdkWfmGcrLhiD
.doubleclick.net/ Name: IDE
Value: AHWqTUnb68lYD-TQWy5Ev18wYRMZo-KBN44vnT3txg_Jieaf-0IkhiTgsbpt2C7uUVg

5 Console Messages

Source Level URL
Text
network error URL: https://i0.wp.com/devilsmegistrate.com/wp-content/uploads/2022/07/usatodaycomnation-topstories.gif?resize=1%2C1&ssl=1
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://callprintingdetailed.com/637ad64c78195553d0f108a6c9f558b3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
548aaf9e62339c200071a526ab92b265.safeframe.googlesyndication.com
a.tribalfusion.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
assets.feedblitzstatic.com
c0.wp.com
callprintingdetailed.com
cat.fr.eu.criteo.com
cdn.hooliganmedia.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
devilsmegistrate.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
region1.google-analytics.com
rssfeeds.usatoday.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
134.119.218.58
142.250.186.130
142.250.186.66
147.75.85.234
151.101.130.49
178.250.0.160
178.250.2.150
18.66.122.43
192.0.76.3
192.0.77.2
192.0.77.37
192.243.59.13
2001:4860:4802:32::36
205.185.216.10
213.155.156.164
2606:4700:4400::ac40:98f5
2606:4700::6811:190e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::b
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:80b2:ded:f09c:81b2
34.231.128.63
69.173.144.165
74.208.183.175
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
021f51aca02ae25bb5e5c28b95ddc2a8149042820c843ded9099ff9e45b68c5c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fe6be49f31a8cdec076e42e94a358a0b9da9c12a92e12e973607bfe5f82275
04abc87e3e433b43fd4504203f3b4578ecc825e4b68ef101dbf1da21e040ee51
05e4aaf7f4d6cedd0ae0f50bdf701da818331c6816409ed2d43ed3dc3fedb511
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b634b26205ab0ff64d5ad4d675ce65e3ad48944e8b85a9abd098914ef1704a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e758efeef1e7112e28bb08bbecb891bfda1a89c9ff4da69a09259418dd7d7ec
1110cb09c07dfcbbf660e7587c251b46b9060503a840f74dc5c9a48ae7ecc587
143876a84243de6cfc9f6dfc493b3336537d126a6ca9225a1e937fdecbba29b0
14992b7cb8210999ebdcdb55492a565da398bbaa0f0ba978fd47ff900696272d
15809710190c5c2edbf07f0db683ade85fb801f8ff08a2dbb93eea9d0d4e6df2
18e0d348e7cb35464eabe33a2dd70f1bf7b9a132c6870c127a408d2591ae3561
1b27f281088ec70d82e91bc2bf9c6d6d13a40eb22f7edfca63150b7d49c8e317
1d78d86dcdbb92b27e91c7c29f7a88b1ac909343af5975ea8b0f00895eda6886
237deb9a33eceb8bd76eda1721c728ddf25f9a21161fee10ac9b2e3b7901de55
289a5dcdc17002533954d460c11c55d14b6e3e08eeb275cfc9fd65eac202be44
292133e4193d2c14dd01d0328e010385d0f5f7ed42cda78a9d7b4207a0c10d91
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3182ce7ea730f9b4d4e451e6f8e4e8e3c72eb0573d19f21e1c66ed3cad9762df
339dae57e950f06ef9dc0397d531592d2750201081628098edc30f70897f32bd
3490df652bcc0a9bb52f17f61b66a6ed00f85f87a7eeac6f6fa209f868d15a27
34f3542303af5898a6d916ad1aaf2295e0e11721fdb74a4843a5e45366e1fe82
35f0a3a75733e6708a2c1f87d93a51e79ab0978e7f479d53d4ea3ebd29ca66cb
385080d94464e3fc57811ac0dba98da7b17373fb8d13b59c069b221dc9d1dc37
3d39a57111b92ea63ded28af171b7552ba3ab9ba814f99cc2747493d8c24254c
3f2c3886d6f704749a12a2312912e39b2ab4fb2885a3f21260eb8172dbc56c20
43bb10504c90086d2f6bd803a8c6fa46de7e75f5482532901d9f47ff9c5887b6
45666d0fdb45f7d5c23be3f00e161ff4c9ee4931c2b4f3ced0393103c2714a46
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
47e80e07c5bd39a411df97024f5ace6823ebe96aabe08571ec3b89b6df4e96f1
4910fbc6161296e74d710cda65e9178e33e3a38af92e7f8c54a3dae3866a01ef
49568f06e705a9696fb478ebbd6e1238e810b5ca3852c21beda23ad038b99ee6
4abd81dd791db3f9b00186012cccaeba6675df13d88a098c8779a14a9c6f8e59
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f68be73f2b1bf0c31b603c85a7e48bc7ef73f791600cd59e0c25385e917c09f
515b83580607a0740411c249a43b9a699a352def59e5833692f88dfc0c82fffc
5a6e6478ccea3814184971cfc0d7be55d668f64a5b839f578eeeb779e58fff8d
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5f614659fe55c7a05d504c699168beedd3e5ed280f9d0eb46e76ad1adeb13637
611345e159eacd8db03a89ecad81906a974388fcdade00e58b1899b6a14df186
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
65ae2d65f6bfe0fd7f2237987117b2787a96aba18ea01899f1772cc6c13231a9
6a7d2557d30c5e38693f126eb341ab10f57075b6452dd69122cd64bc537b643d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7b4e022bfeee7ab6bb0d70be7be40aede2a69e9585329e22472f49c3285238b8
7b6be334de5db27151ba531725b2cc3d4308523239266e8d95ee80083e3b566b
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
86833c890770dcd3731d14ddc03e5868bb0e46ba63d2e1adcf1dbbbb78f5cde9
897676a3130fc9eef66b6c451abb62a856fac858a39adcf08efec3e85883ad7c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
98cc50fcb84b9e97532ae78748485d306e2215caaa963c4e04fdb3a93ab82ba0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b51edd6aa119f10aa09d9d0a9619bfaa5c3f10cd12c8686a64870cd0d697a69
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9e3bce2d6a6fa633474f8b2da84e554a28ef305e864c1a5cca07644a5b8fb370
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2cdbd1526124814ec0dc743063903e2abfdb043a16c36603e9beda7ff0361db
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a686aadec752876e7ebb0c48140f406fb5f1402593a254fc6e69e62630fb3d77
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
ab2517565e5aafaec8dffd0154a8a871a76fab478c96e680fad255da70021cc6
acca001c72f00dff3bbc3aa9ca573dcd31affcad0835b4287f381638a33ea2e1
acd541287ed9a2fff64ea60a7af0840a8b33a8744791b06629ae0ee294cd9258
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
aed43a53a74b4ff28967a97854805f95becd066f90a08906575cbd822b3c5d15
af827cb1d419feb5c3b75812447bf6470685e5bd59d1a2935eed6149b5e97edc
afbdbdc58ead3db9e55aae52e9657702d714c161462ab1bee59386b5ce183845
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4140075de18e3bc7b02612effe70804d201e20563821ee585f3c196738e1189
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
becf800888dc4f3093e57c79a983953d38b9a21ec330fa02cb585f96eb923eff
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
cb3c124e6b9a35586f2eb1b20be4074dbca4d821bf52f7ad69e87981ef99a8fd
ccd03add580b3e19526b7e49a99da27c39163f79cda9e5af3e33e7af0754da22
cdbfc52bfa5a471b0028be37dd4f5dd1d076fd333e5828dba2a2e7fc21bc00e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d509a2a2e58960adc7be6d853e2c3c740d3ac2b9b282e515be00885830e0ade4
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
dafee94503045e0635357203c66c770f22c02fecdcc26a657ef64789a30a4615
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0bf568dffb7867df64321aaa31d0a2d3800854b84976157852414accf394693
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e889243ce815e1a40d7e5f27c2002f5f890b53d2e0ad314245d7aa683aa81331
ea06c516f8f6d4dde9e506f6000b01e0fa49f85c474d866dc8bf633b537f65ac
ebb8e8964b5b86218a37d73f701503ff287126d5573b27c20b654bcb2f5f8044
ed71b194f2def5b8e4d455829aa47fe19c747378c9980c9c72a0ef9ad724f2ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f157a43967dbdd8b0521119ee525583c202eeb09e0196ae54f071e8581914b9a
f1abdca5fe9f3f60172deab5407c43988d83db6845259fd67069806cd2084ab7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f479c8026856fbe9aebc9234a1322f9eb81796a312b3c45944c4329f1fdbc52a
f47f3a9f9a598a15bdd9d99ed47f5556e4775c2321201b7906df741d19898faa
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f29de90892dccd475df9c48619e1521eb37dcd91b3d95ecb859ff53890c161
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f888b3f61e3e3e0f8de9131953ecba9ae0b55c199cb81131892536ddaec954ee
fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869