newsvidex.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://videx.slidetext.xyz/
Effective URL:
https://newsvidex.com/
Submission: On May 31 via api (May 31st 2023, 9:09:12 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 26 domains to perform 122 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsvidex.com.
TLS certificate: Issued by E1 on May 24th 2023. Valid for: 3 months.

This is the only time newsvidex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:911b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::6815:3f5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.145.66 13.32.145.66	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:1800:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	52.212.200.11 52.212.200.11	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.72.36.188 54.72.36.188	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:223... 2600:9000:223f:1c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7780:388a:4e28:ec95:c591	16509 (AMAZON-02) (AMAZON-02)
122	39

1 2606:4700:3033::ac43:911b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

videx.slidetext.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3f5c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

videx.slidetext.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

newsvidex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-66.cdg50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1800:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.200.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-200-11.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.36.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-36-188.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:388a:4e28:ec95:c591 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	325 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	259 KB
20	newsvidex.com newsvidex.com	258 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 947 static.adsafeprotected.com — Cisco Umbrella Rank: 633 dt.adsafeprotected.com — Cisco Umbrella Rank: 572	99 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	262 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	3 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 103	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	160 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1372 google-bidout-d.openx.net — Cisco Umbrella Rank: 1466	670 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1552	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 995 bcp.crwdcntrl.net — Cisco Umbrella Rank: 871	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 797 id5-sync.com — Cisco Umbrella Rank: 429	18 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	201 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	137 KB
2	slidetext.xyz 2 redirects videx.slidetext.xyz	1 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1411	63 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1496	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1445	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1448	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	878 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8155	531 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	1008 B
122	26

	Domain	Requested by
20	newsvidex.com	newsvidex.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com newsvidex.com
9	securepubads.g.doubleclick.net	newsvidex.com securepubads.g.doubleclick.net www.googletagservices.com
7	dt.adsafeprotected.com	f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
7	s0.2mdn.net	newsvidex.com s0.2mdn.net f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com pagead2.googlesyndication.com newsvidex.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	1 redirects newsvidex.com tpc.googlesyndication.com
2	static.adsafeprotected.com	f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	newsvidex.com
2	fw.adsafeprotected.com	1 redirects newsvidex.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	newsvidex.com www.googletagmanager.com
2	videx.slidetext.xyz	2 redirects
1	code.createjs.com	s0.2mdn.net
1	mug.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	newsvidex.com
122	40

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
newsvidex.com E1	`2023-05-24` - `2023-08-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://newsvidex.com/
Frame ID: 5DD71D256064BC282963315694056F6D
Requests: 51 HTTP requests in this frame

Frame: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE54CE4F7329CEF5868F708A30C93C55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EA8E7B616C2F01612F1B9BDD644369A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D85A07FA535104C6A585F549B0BE3EEE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=newsvidex.com
Frame ID: 6D3E8AC8C78899524F7563399D197F80
Requests: 2 HTTP requests in this frame

Frame: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CCBA4FCC8E4D25B7F6552FEBDADEDDF9
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNWa--BRAYQBx0MUfcIjhZtdIBgNCPJGxBX7o6L5hYGgVqsdfg72GcCdxn66WCWmrWy62CrHOJaZWTN1SraWrkOte7Q59qSlCPF2l3SRgIGxp8qT8HD9j0Rc36LJiyWg9MxetFiSpWpVxs3K9Kxfqm_VCFQlL3fraEjWFFcN2TYk5kel9DQ
Frame ID: CB47EE495C1BF3840DA24C08072F42F0
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1FC5DA575EDF459B93002C286D14A1F2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFTya6r-LsotRgBAzX8KfYqdXOn9946PBe_6QOKy-bvFFfxgjLJM6LeKp8p0X6MFOlhXPl0TUH538EsJlSeNbleBtq99i9ToNmHK8uYD1YzjgoWDsHQgqHHqA3ml_T7irgju4gm08QFvO-P1smuBGZNdl5QjoKAjXM7VglQ13kr1X--fsNnx026A8-7EgcDD-yiPVsQt05-QQ3XGWeMdoVN09I1P0XIDYW8v1nHG4EaM0tm0ouAA80Km-lo6DASlaGR9j-E2vXNjJyxBogfT98xCXHGyKOxgrdewA2E1s2hH6B22zhNv6y1B95kESuunPUHta1FIKuGawuhzbqsw&sai=AMfl-YT-66aSodww3yBynR6_2wls8vjUIq7bqtAYmSqDUf9jm9JPFP4UExfl8DGzL7G2IjSBD4M9LAb8k1g3SYzQPT9Ihxxxs97I_biP3tfXpM25GfByB_Y4_bMLtptKqfJ1QA92TIy_6nxPpUbCoocU&sig=Cg0ArKJSzEVeN_EHbml4EAE&uach_m=[UACH]&adurl=
Frame ID: 4A859E159293A98DAAF35C258ECBD0AA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B60C9ECBAFDB811C61A072935EB548F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Frame ID: 901D32E6F6C46C4FF6CF38300BC02BA3
Requests: 5 HTTP requests in this frame

Frame: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 41CF90A9BC1582A17E47E7907BD99327
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 72931F88CD665210D72E88A77E99C91C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D4238158F1C44967368FB0D7409C652
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NewsVidex - Regular News and Tips Provider

Page URL History Show full URLs

http://videx.slidetext.xyz/ HTTP 301
https://videx.slidetext.xyz/ HTTP 301
https://newsvidex.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

122
Requests

94 %
HTTPS

65 %
IPv6

26
Domains

40
Subdomains

39
IPs

5
Countries

1854 kB
Transfer

4549 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://videx.slidetext.xyz/ HTTP 301
https://videx.slidetext.xyz/ HTTP 301
https://newsvidex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1

Request Chain 65

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsvidex.com&sn=ChromeSyncframe&so=0&topUrl=newsvidex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YYyntHxMR2o5V0x1QXBjR2ZoLzMwbkhkK2hJNVNyUU5rSXFYNlVMc0J6V1lWOUQwU2RJK1h0VTBURjZ4RU9mSWFXQWljMkNrYStDUW5kMWMrZWt0YkxQQVZpaDJaS3dEUjVyeXpjbnl6KzRSYlFNaWQ5NzdxNXBKS3laa0c1K0Q0RmV2Vk40QlZGbFg4ZWZUSHFnRU9HVk91VnV3RmVLenNTMGc2ZzdZY0FFRllGSjFjSDhLdHEyV3FrQlk5NEN0dGRkbXpYZjJWRGhPbFNZcWE5RU8yRzhpdGZ6RFZIczFoZXp4T0J6OCtWOVRmVUZ4akZaQ2pHRjhPVnB5cnZtNTAzT0NwZTZ5UEJqQWJUUWdaQXQ2S2ZOUVFjZz09fA&cppv=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENFXgn_SsQ4pCmQh3ZR44Xs&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHe3c7aM0r4tDT6TTYdvrgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0L41nxa4J_QmWR0AfDxOA&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGsgMmmh1BKcfDIPUrLdza4&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0MzQ2NjkxNDkwOTMzMzUzMQ%3D%3D

Request Chain 100

https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-7711988207324430&ias_chanId=1&ias_placementId=20111331724&bidurl=https://newsvidex.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iH05BnbJ4xiVlYrNP2qBYI&adContainerId=brand_safety_c7d3ZOXpIPC39u8PoeKfsAk&cbFunctionName=goog_wrapCb_c7d3ZOXpIPC39u8PoeKfsAk&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fnewsvidex.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fnewsvidex.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8607c8bc-972a-7d6e-955f-a6be92af37bf,c:eeelAl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5b89c49c56-7g926,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:9,mot:0,app:0,maw:0,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:6197173d-fff7-11ed-bb05-b2067b21c357,v:19.8.415,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

122 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newsvidex.com/
Redirect Chain

http://videx.slidetext.xyz/
https://videx.slidetext.xyz/
https://newsvidex.com/

77 KB
17 KB

277ms
210ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca23e5f1a7037e6c6d8979a2f9864d021854d4ade0a20b27fe891ad883f82c16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d02322a692dbbcd-FRA
content-encoding: br
content-type: text/html
date: Wed, 31 May 2023 21:09:06 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Sat, 27 May 2023 04:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DecwG0KBkwPawR3hxrdKYEiuXPxswT814915QiSyeGfK9RRbKjkq1t0c7njkO0LIsvknDf6ltMnw8RByUVkHQpQXzahwBNe36DPxij39bnsECUag25H%2Fbe1FvhHRMIgIn8OAJ9o0o4smy3%2Br"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7d023229cecebb8f-FRA
date: Wed, 31 May 2023 21:09:06 GMT
expires: Wed, 31 May 2023 22:09:06 GMT
location: https://newsvidex.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQtBZSBIcDtUART1jXALYZPJZiJRsvVoMisuOBlfo0DfHiSEhrW0xS9G%2FM0GI2ogIOtb3xfGDE6ihHv6i%2BzhiQKSPiyAqNvLxhF1g8izGjJGTFiiAg%2FN4mb4tUZhN6WwcNYgl%2FOeJQTqhCKs%2BF%2Bs6ZjF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 hyb4c.css
newsvidex.com/wp-content/cache/wpfc-minified/kz1y5s3r/ 95 KB
13 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/kz1y5s3r/hyb4c.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aedaaa674ee2b65204a2982354ebf1d005aef71bdbcf86c13e998be29640b717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 04:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406782
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyM1%2B6b8Zwamo2bMTYywtlFxjU7Ba3bVImIXEKCBiZkeFyB2W9tPYKeVvA5%2Fvu6cXqG%2Bykrn5mVGC%2B2rXWnIxjEcAP5YAPhJSMdsT%2FOTVGhJMjU8%2BN7aulsesgbcNYaeu55iMHlcWOgESpxb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7d02322bbb1fbbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:09:24 GMT

GET
H2 200 hyb4c.css
newsvidex.com/wp-content/cache/wpfc-minified/77gx5uxb/ 6 KB
2 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/77gx5uxb/hyb4c.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d8b90f5b453ad0e19e7ee11724f05a2e2343cf9c8f5ffba9f55b8e79f24781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 04:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406742
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnG6dnn9TryGBTVyfN7YHaeTg1qdTfAkJVBjkK148a%2BfsEOVOB63xHK5%2B7Hql%2F%2B%2BNQnpqCTvVVMB2iD4At1wl%2Fhkqk73zhlAmiIjKKZYvuE1wRvmSAeNqXsj2i1Y1XFKe3UJSIZvpFU69qOi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7d02322bbb25bbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1008 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d376e780bcc5c6dd54272d535a39e4346ac241d12870b555cd85b4ad734ea40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:32:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H2 200 hyb4c.css
newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/ 60 KB
13 KB 34ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/hyb4c.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364a5c27d2ac8b5f566046597a12ab16fcb1bacc833561b04ea9ea7837ff4cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 04:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406782
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1%2FORkz9NVnSswDJsgp9VlQPxCel6GAK1Jbz528oyTQaJbI3u%2Fz5GvsacYZguIOxEeq%2BAGL%2FQ1DsuqAez83zLEMhxq38k3OwAh66Y8LMA%2BFCQ8o9ViDnwY0sttstFPeFvgbXBTvMBM8F5gmi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7d02322bbb26bbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:09:24 GMT

GET
H2 200 hyb4c.css
newsvidex.com/wp-content/cache/wpfc-minified/mlzc3b16/ 346 B
536 B 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/mlzc3b16/hyb4c.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2902e5c19fbbe4b0c6bcbfb1ef627bf4a75df212eed136d0aa260d4913b9e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 04:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406742
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4Y6CS%2BnaGfsHVi%2FAkyrcYdX2z58rlCSheSZyrY8hO1r%2BgATm0bWtwwwj6Vrbsqc3ZADFGrOOjib4108JOjewMRH%2Fo6hwOyWrRRVlaqJiqD8F4sDmAxgue4Dz8avt7R8dUMTPU7YZMwcdWM%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7d02322bbb2abbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:10:04 GMT

GET
H2 200 hyb4c.js Show response
newsvidex.com/wp-content/cache/wpfc-minified/lxs2d7bk/ 101 KB
35 KB 36ms
36ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/lxs2d7bk/hyb4c.js
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3b62b4fa6b83072e31681bb6771d2bf7c4d09f7d80472b0eb53ac762c591fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 04:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406782
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APTL1WKGdCsgwpaQeNGaTGLMtgJYu88o1oHj3d2D2vNmtiYZOqyaSevgSBjYNhKw%2Fn3P5Q6vuLw1xtqMPCfRxPmnTmkmtnEO9HpHQ%2BstcDWVv%2FYJKrMpbsYkG1NZhpCAy66zP%2FtCA94jgELo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7d02322bbb2fbbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:09:24 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 77ms
30ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3860159a79dfe110b5ddb3394443c46bf5ec1af3e95bfa898cfcb6fa2c940b6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 288ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fcd13ff73e6f08142330a01a103472b42f3b400ce7a058a7e13cc57fb67ba0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25169
x-xss-protection: 0
server: cafe
etag: 362 / 19508 / m202305250101 / config-hash: 14210017587608118762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H3 200 Please-Wait.png
newsvidex.com/wp-content/uploads/2023/05/ 805 B
1 KB 27ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/05/Please-Wait.png
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6458f6ab36bab1309374c9f6213a9e962c5a2ca3f572faf474a2b0780b07797b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406672
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhCWLyeMA%2B4JXwmj9cBQ0ht%2F3V5skvoq%2F7wSfAThXNicIYdEe%2FhcXN5UAf8q%2BpCWtRRhU1lNsOPJ1eBz%2Bk%2BplFNOkZ7lfmqFejEILuRGx8Mlg5cHqP9GpfTPfZf4RKPrX7G9TljUFrbM36gn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c4b132c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 805
expires: Sat, 03 Jun 2023 04:11:14 GMT

GET
H3 200 Human-Verification.png
newsvidex.com/wp-content/uploads/2023/05/ 824 B
1 KB 27ms
27ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/05/Human-Verification.png
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3d3e006fed403fe21adad67236246365b16a1b00baca471bfa3f9552424146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mhOC4S5%2B5i8a7ZTWyjuPk2TKsOAXNLjbTj497LgHT0DdJgRJd%2Bir86s5Uei7Epl%2BSIrtJrXm7T6DEEGywMXzVP5U8ws4a%2F88P%2BMK%2BcbRZ5mXro3%2Fa%2Fnuhq3rg%2FUrxwlxwb%2FUZAgJFOO1jum"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c4b152c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 824
expires: Sat, 03 Jun 2023 04:11:14 GMT

GET
H3 200 How-To-Terminate-A-Membership-Paid-For-Using-PayPal-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 6 KB
6 KB 67ms
66ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/How-To-Terminate-A-Membership-Paid-For-Using-PayPal-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba5ced30dc202e872b6bf534ebdcff1eff7c012739f6d5b1147f035eb4ff819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYIkoouBdft6TxC%2ByqDf3MFANfRDrzjXPuktWpXanrJceQyclPqGnB%2BnbltnvkIBGL1LeXFtppyZIT8zSUVdFTfC78xAV1soZzpi06FDS1LOvQT5mSyFHDyL6Fpyq2jJa0WtK2FRjvffAg0o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c4b1a2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5731
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 82ms
33ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71ae86746bb84672f3aa13b98d38acc5bea34b389d93389dc42a5656119b57b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H3 200 jquery.sidr.min.js Show response
newsvidex.com/wp-content/themes/superfast/js/ 7 KB
3 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.2.2
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FV5m4NB7UB%2FF91aVGJ3Wq%2BXbm5xk2xClbjYNxNGlkJ0keq7wRG1QjHrTOE5zkL7yHIxLreBDRYWDi8RCInbb%2FTBO9VD%2FTyb2s823m4ijHm6mpbcwdfzXeD%2Fehqpz2ipBcUmMg6tiJmed57Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7d02322c4b1c2c72-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:11:14 GMT

GET
H3 200 customscript.js Show response
newsvidex.com/wp-content/themes/superfast/js/ 3 KB
1 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/js/customscript.js?ver=6.2.2
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuSaKySKBgSexMYhdnGrG6tQTkPyqwioK3I%2BdrbfC8Dp1FvjGSf06iYvM0AA2PtOSG0t%2FugX51yDuluNc7liI%2BdLU%2BdMh%2BPmgXco1T3KhQ8f1jO%2B8ZBElv1TvqBAH1xVrw7zJIQwTONcTNno"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7d02322c5b1d2c72-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 frontend.min.js Show response
newsvidex.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:10:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406672
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TxXtGfsPnHQ%2FpuVn6An%2BgYSQnig3OfWpu8QynsolimBQiHUEsnQlz6BP0SXgpt6cad1P7e39InOcTQPUvHVVe5YwVbFsoYL%2BMrACBRe11soAXDma1mvoUnek0ya2%2Fa9zKpulnjlkdS%2BJmkW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7d02322c5b202c72-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Jun 2023 04:11:14 GMT

GET
H3 200 /
newsvidex.com/ 54 KB
54 KB 215ms
214ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 27 May 2023 04:09:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkgt18tG9Z7R%2FrgL1qls4cslmtFrF5VLl2%2FHzF5gaVw2sw7aYO0BrCAZWW0rrH3RxkM2akoKYKMm2efO%2BAdL4h52KJ%2BZe%2BXZL7aODOJX4hRkt8vxezA0wGspcsQcpoR9uzl6waOFMTuq1HkD"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7d02322c5b212c72-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Oct 1923 20:30:00 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 21:40:32 GMT
x-content-type-options: nosniff
age: 170914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 May 2024 21:40:32 GMT

GET
H3 200 ElegantIcons.woff
newsvidex.com/wp-content/themes/superfast/fonts/ 62 KB
63 KB 37ms
37ms Font
x-font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/hyb4c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/hyb4c.css
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wub9dqUBG5mAjrnVzQaA4mUJpYJYGKc6nVPFxZ5vuBYG88A3wqkqnutSe8YqUeeWsBnCTZadJ0gdjk1lCyk7Z74x%2FFw73nLqgR0oBCSmBGV5nCoO6TWN0SNN8JaHOFzrxXJKIRgT%2FYsVNfcK"}],"group":"cf-nel","max_age":604800}
content-type: x-font/woff
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7d02322c5b2b2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63664

GET
H3 200 How-To-Update-Your-Facebook-Profile-Photo-Without-Your-Friends-Knowing-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 8 KB
8 KB 64ms
64ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/How-To-Update-Your-Facebook-Profile-Photo-Without-Your-Friends-Knowing-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee6f6515148c0e0daec50262a4685e70ef06bed18f84334c29b38da8c29d1e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6ESXo9ZKD4csIIQMqMf3Vzf%2FOtZvBA4%2F%2FpoXh%2BE1kFyfPkevsW6C4Jfm%2FPFZHarklhjDsfn3fmY0dmOJFzaHvL8GsiDjTdwwi8fbUr%2B%2F%2B8RoB%2B1YZOHJwNZYG7NQ5%2B8tINmE72KU0sAauyC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b532c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7829
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 General-Charging-Tip-How-To-Charge-It-Well-And-The-Best-Way-To-Charge-It-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 3 KB
4 KB 65ms
63ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/General-Charging-Tip-How-To-Charge-It-Well-And-The-Best-Way-To-Charge-It-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341aabf0136ff91a0b217d47f7d3cd1aca34be3c01c16ba6da65ea8cb9dd7e34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNyvryIHoK1du3s8n8jvamu3VMhfYzAEWpEtalA%2FoFZDuhhMhPZkJkAYUbAuUxKuZrPmi0h6%2BjtpqtV76DerSegB3leVtykEgwh7OHCSG%2Bq2rkwVVOVAdHWWZKmZrMy7TNtiEHAtZsWseuVY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b562c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3355
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 Challenges-With-The-Fingerprint-Reader-On-Your-Phone-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 5 KB
6 KB 65ms
64ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/Challenges-With-The-Fingerprint-Reader-On-Your-Phone-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa007a6b8cd89f8829ef2abbc9f843e1fd18961999cdd3eed7ba9952413110d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqDtaGqvvHEBrChiqwzXBn%2BTOKnsJultUy6pPRh%2BxdNOdR7u1Vvr2TLPMzG87xqsrzNzxHCbeXULpLbLXOL38zO%2B19WzCxNAdnh4BbdK2TFTNqy5chU9V5jCe7DUjpa0O0XqU%2F3Gu99fXXXB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b592c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5170
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 How-Technology-Contributes-To-A-Greener-Future-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 10 KB
10 KB 66ms
64ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/How-Technology-Contributes-To-A-Greener-Future-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c54e0b595aa8298e7391b271be3ac496b01b7bd54e5a72ea2621404438b845b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3RLpPgKvRUs%2BEpwnYf4VwipetwYwt8pChkoc8zxaECgdMs3%2FM2H6XyxPB4HUD12RfnWyJ0TldcCryOdamB%2FyiVsyadZdl18qEe0X%2Bu3NJJSWQY82yF%2FOhV264Ik5w9FA4%2Ft15%2FrTEttmeRk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b5c2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9894
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 What-Is-The-Cloud-Gaming-And-Is-It-The-Future-Of-Gaming-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 7 KB
7 KB 66ms
65ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/What-Is-The-Cloud-Gaming-And-Is-It-The-Future-Of-Gaming-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ff6e0765548f602ff2a918f77e56e75ac91ec57cb4a89091fe73a94d22cc55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P994uLRRlxLlG%2BX32xZ4HHMDs8IeAt4pzDGybQQiA7Y3bFmvdra%2B6BeGTlq86Zz8a0Aemgq6A6D%2FysjJF8iyyp7SxQUxNmprYAHLVWoFSyBs3qZvuhKMRZk3XXxmbCkWuaBeDRJICJkBPjgf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b5d2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6658
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H3 200 The-World-Changing-Technology-of-Digital-Twin-200x135.jpg
newsvidex.com/wp-content/uploads/2023/03/ 6 KB
6 KB 66ms
65ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/03/The-World-Changing-Technology-of-Digital-Twin-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f831c9f5476673ec38d8560d2b1ccfcc7fdfaa8b76feb2dc4e897c525feaada9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 406671
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKe2R%2FuFJDqT5N5gaEEZr7eTFZ4jK1Wew3r399lYDJHp7eVMM9XeuqrzGk98l8%2FWRoydwCa%2Fc%2B8klieBeaVpNDEkWuKXuwBPbksiQlzeqQUbZu%2FXzPZHx4O5ziCioLFh72KGTFlKsQB57AG4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d02322c6b5f2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6026
expires: Sat, 03 Jun 2023 04:11:15 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 410 KB
165 KB 214ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 17:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 17:02:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2YRJREY02&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f6ff27c5890227023081cc25120b1d4079f18595719452d5ecbe2a5a89b8965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 111ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 May 2023 20:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 31 May 2023 22:35:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 71ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J2YRJREY02&gtm=45je35o0&_p=1307146923&cid=1586909333.1685567347&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1685567346&sct=1&seg=0&dl=https%3A%2F%2Fnewsvidex.com%2F&dt=NewsVidex%20-%20Regular%20News%20and%20Tips%20Provider&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2YRJREY02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 28ms
27ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1307146923&t=pageview&_s=1&dl=https%3A%2F%2Fnewsvidex.com%2F&ul=en-us&de=UTF-8&dt=NewsVidex%20-%20Regular%20News%20and%20Tips%20Provider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=70167141&gjid=1082621310&cid=1586909333.1685567347&tid=UA-247050099-1&_gid=1896034888.1685567347&_r=1&gtm=457e35o0&jsscut=1&z=331147720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 405 KB
125 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 11:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33323
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128027
x-xss-protection: 0
server: cafe
etag: 5295197450709426467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 May 2024 11:53:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
535 B 95ms
55ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newsvidex.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a2da971256e9b7e47537be1d6e96f4da7ab1ab9274137cf2156f25a812ae759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 510
x-xss-protection: 0
expires: Wed, 31 May 2023 21:09:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 104ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newsvidex.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsvidex.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 82ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 35377
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-etou8220078-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 97ms
31ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: RJG8P9KGT25NARJA
age: 733
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d02322f5c8537e6-FRA
x-amz-id-2: p9caGrESjWYwkHsxUB/95tSAMOAWdfigQO7CUyIVO+HkWK6LxeSkGY+AhjJC0xfpQ02CliLtx7w=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 109ms
18ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:11:08 GMT
via: 1.1 google
age: 3479
x-guploader-uploadid: ADPycdvv9HA4wODpt46TG-yGScP2f-R3TBXfeoBiWSLBeC-tMweZZqA8UTnS_hkulJPKPpfm62TpzOYf7oxv1l5XYSLKobpTzMys
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Wed, 31 May 2023 21:11:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 110ms
34ms Script
text/javascript 13.32.145.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-145-66.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:50:11 GMT
content-encoding: gzip
via: 1.1 4123f5d267403eba4e7db5e4d8d9a6e0.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C2
age: 1137
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: wVQiQCziQ0igXOFtGUqHbIA1M123o2mvVbefUxXTXI6zqzA8YTZG_g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 101ms
18ms Script
text/javascript 2600:9000:2057:1800:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1800:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Wed, 31 May 2023 05:58:55 GMT
Via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 54613
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: kRZIHrwujRfGaxt4DF7pC_RTfcU6A9A5tyEozwj1umt16n4cDfk6QA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 82ms
19ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:12:18 GMT
content-encoding: gzip
age: 943009
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 19 May 2024 23:12:18 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 312ms
42ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Jun 2023 21:09:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 351ms
350ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3085292455104152&correlator=1401623768113358&eid=31072019%2C31074948%2C31074993&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=22890180776%3A22733957189%2CAC_newsvidex_300x250_26.05_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3510210174&didk=1941248765&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685567347026&lmt=1685160560&dlt=1685567346508&idt=467&adxs=305&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=990x250&msz=990x250&fws=0&ohw=0&ga_vid=1586909333.1685567347&ga_sid=1685567347&ga_hid=1307146923&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzLKSnYcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjMspKdhzFIAFICCGQSGQoKcHViY2lkLm9yZxjLspKdhzFIAFICCGQSFwoIcnRiaG91c2UYzLKSnYcxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMyykp2HMUgAUgIIZBIZCgp1aWRhcGkuY29tGMyykp2HMUgAUgIIZBIUCgVvcGVueBjMspKdhzFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda61b2f561931e2a58bfaf1554e86ffd94e08b5dd29c4d515170e5834f4e629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9177
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 102 KB
37 KB 771ms
770ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3085292455104152&correlator=1401623768113358&eid=31072019%2C31074948%2C31074993&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=22890180776%3A22733957189%2CAC_newsvidex_300x250_26.05_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3510210169&didk=1941248764&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685567347040&lmt=1685160560&dlt=1685567346508&idt=467&adxs=980&adys=545&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1586909333.1685567347&ga_sid=1685567347&ga_hid=1307146923&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzLKSnYcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjMspKdhzFIAFICCGQSGQoKcHViY2lkLm9yZxjLspKdhzFIAFICCGQSFwoIcnRiaG91c2UYzLKSnYcxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMyykp2HMUgAUgIIZBIZCgp1aWRhcGkuY29tGMyykp2HMUgAUgIIZBIUCgVvcGVueBjMspKdhzFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

759e721fbf87f8de9aff0ce6d79f7cff7bc87b89ac9c5b06dcf881e704ae8c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37746
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
22 KB 470ms
469ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3085292455104152&correlator=1401623768113358&eid=31072019%2C31074948%2C31074993&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=339263271%3A22733957189%2Cgam_newsvidex.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=3&adks=3611877616&didk=1464942920&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685567347045&lmt=1685160560&dlt=1685567346508&idt=467&adxs=980&adys=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&ga_vid=1586909333.1685567347&ga_sid=1685567347&ga_hid=1307146923&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYzLKSnYcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjMspKdhzFIAFICCGQSGQoKcHViY2lkLm9yZxjLspKdhzFIAFICCGQSFwoIcnRiaG91c2UYzLKSnYcxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMyykp2HMUgAUgIIZBIZCgp1aWRhcGkuY29tGMyykp2HMUgAUgIIZBIUCgVvcGVueBjMspKdhzFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c3c46a5d4705381ab41e753e1566c3f617865787f76791335ac67c901782d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22273
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430328069
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 156ms
73ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c95cdf0fcf4b02d8705a9b266c4125e59128edcc4fb0d5833abe35c3f8d46aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11254
x-xss-protection: 0

GET
H2 200 container.html Show response
f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE54 6 KB
3 KB 128ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:07 GMT
expires: Thu, 30 May 2024 21:09:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1

85 B
202 B

134ms
133ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: a2da4035b64bd560a43c5d0ca0a8bce3ae72bb724563284c98d435f071a7a052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-2Ozu04Dw4u1Edb/RnV/vlEwdOjo"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newsvidex.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 31 May 2023 21:09:07 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://newsvidex.com
location: /esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 70ms
19ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://newsvidex.com
date: Wed, 31 May 2023 21:09:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 39ms
39ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 832e853ddf5ad4669001e0d65e248658663d432dd2fdaade12f5b46378d36107

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a04304942186a8e21257d28d9da0a36b
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 98ms
33ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://newsvidex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://newsvidex.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 31 May 2023 21:09:07 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 1428f9aa646a73859e7ff7edc2058696

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 141ms
43ms XHR
application/json 52.212.200.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.200.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-200-11.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2592fccd44d05fbbf8eb7180dea322b12a01759066348b886409974556007d48

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache
x-server: 10.45.27.156
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EA8 13 KB
5 KB 23ms
18ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 16:23:20 GMT
expires: Thu, 30 May 2024 16:23:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D85A 783 B
914 B 33ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc4f2ba34a3c62f6ebbd6c47b722218a218090757a7728a0c11c9fdffac6de73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bo8PovYhAfydAg0yC4Wbbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-bo8PovYhAfydAg0yC4Wbbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:07 GMT
expires: Wed, 31 May 2023 21:09:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6D3E 15 KB
6 KB 124ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=newsvidex.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 449159
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EA8 38 KB
14 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 06:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 06:44:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D85A 0
0 84ms
54ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305250101&jk=3085292455104152&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 container.html Show response
f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CCBA 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:07 GMT
expires: Thu, 30 May 2024 21:09:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CB47 624 B
826 B 81ms
33ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNWa--BRAYQBx0MUfcIjhZtdIBgNCPJGxBX7o6L5hYGgVqsdfg72GcCdxn66WCWmrWy62CrHOJaZWTN1SraWrkOte7Q59qSlCPF2l3SRgIGxp8qT8HD9j0Rc36LJiyWg9MxetFiSpWpVxs3K9Kxfqm_VCFQlL3fraEjWFFcN2TYk5kel9DQ

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:07 GMT
expires: Wed, 31 May 2023 21:09:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CCBA 78 KB
27 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 42 B
63 B 55ms
53ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AH421F7hClLhMgLzYQBP22_cpIjsMscVsmGsUitzjxgNCFi76vvqjnUZ1ADCVfTALOC4ySA6MZAed3mcaqSPK8hSpo29v5s6OiaGf86vwsw7cabtA

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 56ms
54ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7474999960292843888&x=1&ct=76

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame CCBA 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame CCBA 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCBA 171 KB
54 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 1FC5 0
176 B 102ms
31ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 31 May 2023 21:09:07 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6D3E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsvidex.com&sn=ChromeSyncframe&so=0&topUrl=newsvidex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YYyntHxMR2o5V0x1QXBjR2ZoLzMwbkhkK2hJNVNyUU5rSXFYNlVMc0J6V1lWOUQwU2RJK1h0VTBURjZ4RU9mSWFXQWljMkNrYStDUW5kMWMrZWt0YkxQQVZpaDJaS3dEUjVyeXpjbnl6KzRSYlFNaWQ5NzdxNXBKS3laa0...

447 B
659 B

114ms
30ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YYyntHxMR2o5V0x1QXBjR2ZoLzMwbkhkK2hJNVNyUU5rSXFYNlVMc0J6V1lWOUQwU2RJK1h0VTBURjZ4RU9mSWFXQWljMkNrYStDUW5kMWMrZWt0YkxQQVZpaDJaS3dEUjVyeXpjbnl6KzRSYlFNaWQ5NzdxNXBKS3laa0c1K0Q0RmV2Vk40QlZGbFg4ZWZUSHFnRU9HVk91VnV3RmVLenNTMGc2ZzdZY0FFRllGSjFjSDhLdHEyV3FrQlk5NEN0dGRkbXpYZjJWRGhPbFNZcWE5RU8yRzhpdGZ6RFZIczFoZXp4T0J6OCtWOVRmVUZ4akZaQ2pHRjhPVnB5cnZtNTAzT0NwZTZ5UEJqQWJUUWdaQXQ2S2ZOUVFjZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

039f4f6707a9960c31a82f09c37343657986f24beca2e17f118e394aae9fd61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1282771
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YYyntHxMR2o5V0x1QXBjR2ZoLzMwbkhkK2hJNVNyUU5rSXFYNlVMc0J6V1lWOUQwU2RJK1h0VTBURjZ4RU9mSWFXQWljMkNrYStDUW5kMWMrZWt0YkxQQVZpaDJaS3dEUjVyeXpjbnl6KzRSYlFNaWQ5NzdxNXBKS3laa0c1K0Q0RmV2Vk40QlZGbFg4ZWZUSHFnRU9HVk91VnV3RmVLenNTMGc2ZzdZY0FFRllGSjFjSDhLdHEyV3FrQlk5NEN0dGRkbXpYZjJWRGhPbFNZcWE5RU8yRzhpdGZ6RFZIczFoZXp4T0J6OCtWOVRmVUZ4akZaQ2pHRjhPVnB5cnZtNTAzT0NwZTZ5UEJqQWJUUWdaQXQ2S2ZOUVFjZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 319439
content-length: 0
expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=185979354508&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=185979354508&version=m202301230201&ct=76&x=1&cor=7474999960292844000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CCBA 100 KB
39 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BU94XCV8ZLhQLuqvy-VI_RSM3MVryU3XaSM5IYZ9uEkMF64aTCkAO6Qt88I_Cnsr7fU3T_Gv_nXTF49md_VPy4hBEhJ68YGtYjrCbAOLbM9tGMPQRfb3TBaOYNmjvNocu95r8pzKKWW1EI5hgJH3QcBVG5sQFsqOZ6sffGt-8z2hr8fUs&dbm_d=AKAmf-DZkNpJzOHr7U_NgjfQveJoVugQ6VGv0oBEDdl1dFCzwWxRtjn3bEoMwr7sgFR3ITSWBiUSztDCzHJOC0cvbr3SRnI2zke3YBAjU3O-0XM5507L113fZfXlolkeHiycHPQ9QlIqKwX1kjMufKPjgimaACcf0JGNPTmbYp8gQMxhqohU_OAnCZ7I945TmWLL1eoIbPeyZJhuZ7PGT4KNCmAWi2nSJHV8a4nivs-5tOSOGxJxCmNDtyCblWlJ6Q2teTjRxS7HwjqGhZd3-BfL2cLz6DNJsLboGi8z9YCHKRo4fcfYpQ2CSpdzSQYRR8OTdQs2KM_GfgRCyEw1nz39HN0TqY7jk2EUGssHB40BCdDBKZ71C1Wqq3JfzzQQ56dDUS_p--eHV4Q7uOD7b5nA97U5EnAludrsvPEzyai-Eg3dOxfKMbDL6f3NMOa-PyNmy-BwgDpLzsd7Uj7HWXHM1oKZpR5AEWOF0E0bslFolcCvTRY1Pe4xvDADQcWYb5jgX7NxVIu7qKG9fV0HsvflVDeN-bldOhmeMLtBWpUNPCLckp3nkcgbwOwvPk7FVAeuc8ncUMmOmmZtHf07Ia7mfyBXsvYGW18YXp5UR0YPEGF0CMiYw3UhkwsIVpPT2YEQ118HZ_TKK_Bx-GJMAhg4ZaKbZcSSdYOzKYIXzgsquQyRlw-kR_5pipRKZ2nUi0wuLvkv3Ti1ZuCXWX4ujeUuBcFKQJjD1i_s0Z9yePZ9EUH7HH4_q-JIDDfZMLR-EhyNGpMUsjlriR1eA3oRwmcKIaMXH6klUfSwX23b_wTW3s94dOigsBWMLnQ1LzI3r1nxFOGeq42h9_5UF5_Etqgu-i_IUMFbCAgWuMZ8F57kcUam3WU2xHxNOPHbY0t5dQh0lQ9f4SAzIjluuk8Bc1a4p99FnYlRfuM8FNmRUggbJuIceJd23DFTFYX-HOwpgV0LVhlEHwWqoj2PFS0zUCI7FpaXsofK3iFGfdGpk4NfdrNW9BiR9WcOOG_r_V_acBV1B4uVTRrc6h6D5QxaNR0W4g4Dy3Mw3ng8bewgfuE77H4WtyiUKdFAQvvh_9FhQdCIOj-DGMkeCxNOAZreI5schCUluE-qK8EltfX4zmX4mq0tjvmd6HOQ8lRDkUUdyrWXB_7DnW5HhRrvp5Elej9C1WpZwgcqXvWaASYq9jfQIVeGbTuh2c4AVHYcq7s1J8N_o2eLlGxeImDe1TGbu9r7QSl0onZp4MItH7Vd87-qRq2XzY-AG-jGI9dlUYmXqfel0ZfK48ACdCpfmiJPY-c8Zt9Dd1j7INWjWwellS_ZE01LU66A_OXAPI-W6S2KVOMXO22nP8viE9c4MNpvC_vkpPyOY9dW8PcEgnZragGyiJxIFjoBnH3IcNfaB2SaxvfVhcsgipur5yC00WDCqbpI10pIVIxVGsPavT9lFyNEbTOeeyzrTowpr1iO4BZo3i_ViBjZ_oF5UKLGSUTgDz9GeKnb64lYLaFjZ3XWO-xla_OqyaDhfmxCecGRfLhhYDS8U0dYLbZhSedIklhd34KkifyNlbB5BS8U7nN70h_RhsFDJO8520BeJtdYuofORxEe90jFWRMR--K5LsB6lMCPts_upn9Eygh5vd05kNewa9pzCSks9GwW6t0BvW6ND4GOZEM-QzvmqHZcyMN9hB6VOi-o6ZpA6VNCKWrrxS8GGbcGB2BY-K_b4zp0xLuagCCBcMpsmVQz4BNhVoqeIOCZNrMnfqWrOkNiXD4TzSqCT_MQ92yUoh5lK31Z0QRhEP23JW4OF100_rb-CKJVQSH04PqnQok1CFH1y8-n8JuJs9FoSCH8CxFOy7zRjofUlwgqcvtAWX3zRgv-tyzF52FqlRndoY-RwTNpA8XltrCIcJuCg1J9SFuz-OkzUo6y5qri7Ep54vt95tjhxEWkFGtY9uKLJlhogv1-AzL3SEJXIBGSxCXIwxjrX1DLi8i9JUkRzmOTD-3b_Go7-o4KxnzIAicY0qFVXBPNkkou1pEinDm_9ciWux8jSgZln2hjcqtAOMVIqyLu8wgzFYW3GN0IcAtmLX3lDY5vXa4FaggHfwhR9wRKv0IlUnm5-UB0sIiNosAtU2rNh1rq4CdXC47-yAHeEpXlNEFUYO4uDsbaInpTPOYVS14pwGLz9ptOQbeaObo1D5tAtYgkyijcDn3knE8ElKDn15jLMP-PO7kRBa_0vgNVChJyF0YpBdpIiw9cmr9_NKoYX8M4Mvgh9S-Vw8Iuh4Xl9QMtp_wQ9L5m00wif4OygvZ84xvZEXGg68baxwXWwUfVHw2GcJi_tlQxU9knIhLjWDKByuOJqKLTTfJXB9vRAgIA9HUJcZDuIjOSUmCZDpkV3Q38WWtky3xuATUZfuz4Gu4DKDyMzStW0UdwEyvbEuxdQUpZucU8h9aHe4hkRTHSsw1dsPXttnZk7S5ongfNiJTYP3GDGac8rk4qctTkLjuNNY7KzEeEZ_NRYgLGVZH1Tma49gcK8jrS9I7iBtcBCTNa5ElgRmqnfLAby-rOtXxDOeLw0IX2Iy_UCpThauMyiytqqKuVKSYVryUanWdhziwdmEFqPY4DxEhkuNxIWgij7GXUL9YJj16BAOY8xMyYL3Jlu2ib4qSa6hMA6zHu78xuCynxxW2QUs3mZ08inodB4_7hU9AIUe3tjBfm0nNUTj0FMLtV0gfGhO2nGdtf6A1vKIuwyy6JboWkK3HmmlhR_K2cwvh5LGt5SuiiAlSvl0nYxLDkHWzpkGb1dMMxs1Z9Pho2JgPZjb6fMCQxMvQn7Iev9VeolOjY6G_kV8Cd-7GTRbWw0akkUHZmmVxkrcVD_e7qqOo9pVIaTuIIg3vb1LqWrTy17-HpDgBOo_wTFBruHhHrySMe1lvx-HK35gPsN2vbfQ_zIcIvt8PgujYSsgQnyz634EJapqIjLOu36C1FGQyamYyKCy2TBYfH_YsDnuXdVjFtxCmO3P5RZ1GCnM1djnkjdcke2Pw3LG6P86m5K-6cCk0iUDlonEJoyUmSwOJGjsmF0EYQygqLTTDio5GOAf72hXUQ3Z6XIAqZ1kTjP0LFVw4zLeAGHm8WyCi6rbxTtswIcm1diXDP9Z_YCDZ2jbiR1GLDFedUtS9-uF4LDgT0fDb_MLdaTnDW5Y69fTDkbpUn_h_pmX5BBt13EevD9xzvCCJiIcEEpj6oscLBvv0fa7wPOUwYMhcImSB5qXfNcnHuDy7Zrob6Jk-H4Kkh5--oOqohxx-wRQaQuwHNZoV6ZY0hkFOSrUjtlaf47a_sA2Ul0mWXe1nPvyU3q5ywutTy_UxVkFFSk-YqgpzE6604E9Y3qaLB1XcxDL7WbLWd870JfuSwXZeamCxEFVXyd54kOEyzubp9oB13rU7n3YJGaU1jXEmKX38-xA&cid=CAQSSwBygQiDQsWYrEmQyDFCLUFhGujmv2GIaM718cvublloI9l7h_UUD7T-CIjxD0ou9fVomw70mRa7wYlAyE8Qan51bQ5njOZisPBu2hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=7474999960292844000&adk=1964084972&idt=43&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

634154a794d95a39d31d0d51457098fc5ade6e7a19b47949a41b5f97b32ff227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6EA8 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KC3Oow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A85 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFTya6r-LsotRgBAzX8KfYqdXOn9946PBe_6QOKy-bvFFfxgjLJM6LeKp8p0X6MFOlhXPl0TUH538EsJlSeNbleBtq99i9ToNmHK8uYD1YzjgoWDsHQgqHHqA3ml_T7irgju4gm08QFvO-P1smuBGZNdl5QjoKAjXM7VglQ13kr1X--fsNnx026A8-7EgcDD-yiPVsQt05-QQ3XGWeMdoVN09I1P0XIDYW8v1nHG4EaM0tm0ouAA80Km-lo6DASlaGR9j-E2vXNjJyxBogfT98xCXHGyKOxgrdewA2E1s2hH6B22zhNv6y1B95kESuunPUHta1FIKuGawuhzbqsw&sai=AMfl-YT-66aSodww3yBynR6_2wls8vjUIq7bqtAYmSqDUf9jm9JPFP4UExfl8DGzL7G2IjSBD4M9LAb8k1g3SYzQPT9Ihxxxs97I_biP3tfXpM25GfByB_Y4_bMLtptKqfJ1QA92TIy_6nxPpUbCoocU&sig=Cg0ArKJSzEVeN_EHbml4EAE&uach_m=[UACH]&adurl=

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 4A85 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 4A85 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A85 171 KB
53 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H3 200 3806367709832810825
tpc.googlesyndication.com/simgad/ Frame 4A85 143 KB
143 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3806367709832810825

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cc19ebfbfa5aa7eea33b08c4bc84780166b72245aa254f8ea59173050d1a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:24:44 GMT
x-content-type-options: nosniff
age: 92663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146647
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:56:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 May 2024 19:24:44 GMT

GET
DATA 200
OK truncated
/ Frame 4A85 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24b1a1bc69ee8ddeb66c6ba461ef65f385b91f33425fa9b5184b86c85d75789e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENFXgn_SsQ4pCmQh3ZR44Xs&google_cver=1

43 B
766 B

28ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENFXgn_SsQ4pCmQh3ZR44Xs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNWa--BRAYQBx0MUfcIjhZtdIBgNCPJGxBX7o6L5hYGgVqsdfg72GcCdxn66WCWmrWy62CrHOJaZWTN1SraWrkOte7Q59qSlCPF2l3SRgIGxp8qT8HD9j0Rc36LJiyWg9MxetFiSpWpVxs3K9Kxfqm_VCFQlL3fraEjWFFcN2TYk5kel9DQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 21:09:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENFXgn_SsQ4pCmQh3ZR44Xs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CB47
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHe3c7aM0r4tDT6TTYdvrgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0L41nxa4J_QmWR0AfDxOA&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0L41nxa4J_QmWR0AfDxOA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNWa--BRAYQBx0MUfcIjhZtdIBgNCPJGxBX7o6L5hYGgVqsdfg72GcCdxn66WCWmrWy62CrHOJaZWTN1SraWrkOte7Q59qSlCPF2l3SRgIGxp8qT8HD9j0Rc36LJiyWg9MxetFiSpWpVxs3K9Kxfqm_VCFQlL3fraEjWFFcN2TYk5kel9DQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 21:09:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL0L41nxa4J_QmWR0AfDxOA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CB47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGsgMmmh1BKcfDIPUrLdza4&google_cver=1

43 B
1 KB

51ms
50ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGsgMmmh1BKcfDIPUrLdza4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJbor-kBMAE&v=APEucNWa--BRAYQBx0MUfcIjhZtdIBgNCPJGxBX7o6L5hYGgVqsdfg72GcCdxn66WCWmrWy62CrHOJaZWTN1SraWrkOte7Q59qSlCPF2l3SRgIGxp8qT8HD9j0Rc36LJiyWg9MxetFiSpWpVxs3K9Kxfqm_VCFQlL3fraEjWFFcN2TYk5kel9DQ

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 May 2023 21:09:07 GMT
AN-X-Request-Uuid: 184d6eaf-97ed-458a-9a8e-ab9eae3f2cc7
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGsgMmmh1BKcfDIPUrLdza4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB47
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0MzQ2NjkxNDkwOTMzMzUzMQ%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0MzQ2NjkxNDkwOTMzMzUzMQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 31 May 2023 21:09:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 548c4334-672e-49ff-89f0-e1f1de212254
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0MzQ2NjkxNDkwOTMzMzUzMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249284/ Frame CCBA 244 KB
73 KB 169ms
42ms Script
application/javascript 54.72.36.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249284/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-7711988207324430&ias_chanId=1&ias_placementId=20111331724&bidurl=https://newsvidex.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iH05BnbJ4xiVlYrNP2qBYI
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.36.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-36-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c05cdeb4708b33a0fd6b505737f78b0d3b0aaaf29197b2ecc0abcc35de612ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CCBA 106 KB
37 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
Origin: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 20:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 20:07:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame CCBA 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BU94XCV8ZLhQLuqvy-VI_RSM3MVryU3XaSM5IYZ9uEkMF64aTCkAO6Qt88I_Cnsr7fU3T_Gv_nXTF49md_VPy4hBEhJ68YGtYjrCbAOLbM9tGMPQRfb3TBaOYNmjvNocu95r8pzKKWW1EI5hgJH3QcBVG5sQFsqOZ6sffGt-8z2hr8fUs&dbm_d=AKAmf-DZkNpJzOHr7U_NgjfQveJoVugQ6VGv0oBEDdl1dFCzwWxRtjn3bEoMwr7sgFR3ITSWBiUSztDCzHJOC0cvbr3SRnI2zke3YBAjU3O-0XM5507L113fZfXlolkeHiycHPQ9QlIqKwX1kjMufKPjgimaACcf0JGNPTmbYp8gQMxhqohU_OAnCZ7I945TmWLL1eoIbPeyZJhuZ7PGT4KNCmAWi2nSJHV8a4nivs-5tOSOGxJxCmNDtyCblWlJ6Q2teTjRxS7HwjqGhZd3-BfL2cLz6DNJsLboGi8z9YCHKRo4fcfYpQ2CSpdzSQYRR8OTdQs2KM_GfgRCyEw1nz39HN0TqY7jk2EUGssHB40BCdDBKZ71C1Wqq3JfzzQQ56dDUS_p--eHV4Q7uOD7b5nA97U5EnAludrsvPEzyai-Eg3dOxfKMbDL6f3NMOa-PyNmy-BwgDpLzsd7Uj7HWXHM1oKZpR5AEWOF0E0bslFolcCvTRY1Pe4xvDADQcWYb5jgX7NxVIu7qKG9fV0HsvflVDeN-bldOhmeMLtBWpUNPCLckp3nkcgbwOwvPk7FVAeuc8ncUMmOmmZtHf07Ia7mfyBXsvYGW18YXp5UR0YPEGF0CMiYw3UhkwsIVpPT2YEQ118HZ_TKK_Bx-GJMAhg4ZaKbZcSSdYOzKYIXzgsquQyRlw-kR_5pipRKZ2nUi0wuLvkv3Ti1ZuCXWX4ujeUuBcFKQJjD1i_s0Z9yePZ9EUH7HH4_q-JIDDfZMLR-EhyNGpMUsjlriR1eA3oRwmcKIaMXH6klUfSwX23b_wTW3s94dOigsBWMLnQ1LzI3r1nxFOGeq42h9_5UF5_Etqgu-i_IUMFbCAgWuMZ8F57kcUam3WU2xHxNOPHbY0t5dQh0lQ9f4SAzIjluuk8Bc1a4p99FnYlRfuM8FNmRUggbJuIceJd23DFTFYX-HOwpgV0LVhlEHwWqoj2PFS0zUCI7FpaXsofK3iFGfdGpk4NfdrNW9BiR9WcOOG_r_V_acBV1B4uVTRrc6h6D5QxaNR0W4g4Dy3Mw3ng8bewgfuE77H4WtyiUKdFAQvvh_9FhQdCIOj-DGMkeCxNOAZreI5schCUluE-qK8EltfX4zmX4mq0tjvmd6HOQ8lRDkUUdyrWXB_7DnW5HhRrvp5Elej9C1WpZwgcqXvWaASYq9jfQIVeGbTuh2c4AVHYcq7s1J8N_o2eLlGxeImDe1TGbu9r7QSl0onZp4MItH7Vd87-qRq2XzY-AG-jGI9dlUYmXqfel0ZfK48ACdCpfmiJPY-c8Zt9Dd1j7INWjWwellS_ZE01LU66A_OXAPI-W6S2KVOMXO22nP8viE9c4MNpvC_vkpPyOY9dW8PcEgnZragGyiJxIFjoBnH3IcNfaB2SaxvfVhcsgipur5yC00WDCqbpI10pIVIxVGsPavT9lFyNEbTOeeyzrTowpr1iO4BZo3i_ViBjZ_oF5UKLGSUTgDz9GeKnb64lYLaFjZ3XWO-xla_OqyaDhfmxCecGRfLhhYDS8U0dYLbZhSedIklhd34KkifyNlbB5BS8U7nN70h_RhsFDJO8520BeJtdYuofORxEe90jFWRMR--K5LsB6lMCPts_upn9Eygh5vd05kNewa9pzCSks9GwW6t0BvW6ND4GOZEM-QzvmqHZcyMN9hB6VOi-o6ZpA6VNCKWrrxS8GGbcGB2BY-K_b4zp0xLuagCCBcMpsmVQz4BNhVoqeIOCZNrMnfqWrOkNiXD4TzSqCT_MQ92yUoh5lK31Z0QRhEP23JW4OF100_rb-CKJVQSH04PqnQok1CFH1y8-n8JuJs9FoSCH8CxFOy7zRjofUlwgqcvtAWX3zRgv-tyzF52FqlRndoY-RwTNpA8XltrCIcJuCg1J9SFuz-OkzUo6y5qri7Ep54vt95tjhxEWkFGtY9uKLJlhogv1-AzL3SEJXIBGSxCXIwxjrX1DLi8i9JUkRzmOTD-3b_Go7-o4KxnzIAicY0qFVXBPNkkou1pEinDm_9ciWux8jSgZln2hjcqtAOMVIqyLu8wgzFYW3GN0IcAtmLX3lDY5vXa4FaggHfwhR9wRKv0IlUnm5-UB0sIiNosAtU2rNh1rq4CdXC47-yAHeEpXlNEFUYO4uDsbaInpTPOYVS14pwGLz9ptOQbeaObo1D5tAtYgkyijcDn3knE8ElKDn15jLMP-PO7kRBa_0vgNVChJyF0YpBdpIiw9cmr9_NKoYX8M4Mvgh9S-Vw8Iuh4Xl9QMtp_wQ9L5m00wif4OygvZ84xvZEXGg68baxwXWwUfVHw2GcJi_tlQxU9knIhLjWDKByuOJqKLTTfJXB9vRAgIA9HUJcZDuIjOSUmCZDpkV3Q38WWtky3xuATUZfuz4Gu4DKDyMzStW0UdwEyvbEuxdQUpZucU8h9aHe4hkRTHSsw1dsPXttnZk7S5ongfNiJTYP3GDGac8rk4qctTkLjuNNY7KzEeEZ_NRYgLGVZH1Tma49gcK8jrS9I7iBtcBCTNa5ElgRmqnfLAby-rOtXxDOeLw0IX2Iy_UCpThauMyiytqqKuVKSYVryUanWdhziwdmEFqPY4DxEhkuNxIWgij7GXUL9YJj16BAOY8xMyYL3Jlu2ib4qSa6hMA6zHu78xuCynxxW2QUs3mZ08inodB4_7hU9AIUe3tjBfm0nNUTj0FMLtV0gfGhO2nGdtf6A1vKIuwyy6JboWkK3HmmlhR_K2cwvh5LGt5SuiiAlSvl0nYxLDkHWzpkGb1dMMxs1Z9Pho2JgPZjb6fMCQxMvQn7Iev9VeolOjY6G_kV8Cd-7GTRbWw0akkUHZmmVxkrcVD_e7qqOo9pVIaTuIIg3vb1LqWrTy17-HpDgBOo_wTFBruHhHrySMe1lvx-HK35gPsN2vbfQ_zIcIvt8PgujYSsgQnyz634EJapqIjLOu36C1FGQyamYyKCy2TBYfH_YsDnuXdVjFtxCmO3P5RZ1GCnM1djnkjdcke2Pw3LG6P86m5K-6cCk0iUDlonEJoyUmSwOJGjsmF0EYQygqLTTDio5GOAf72hXUQ3Z6XIAqZ1kTjP0LFVw4zLeAGHm8WyCi6rbxTtswIcm1diXDP9Z_YCDZ2jbiR1GLDFedUtS9-uF4LDgT0fDb_MLdaTnDW5Y69fTDkbpUn_h_pmX5BBt13EevD9xzvCCJiIcEEpj6oscLBvv0fa7wPOUwYMhcImSB5qXfNcnHuDy7Zrob6Jk-H4Kkh5--oOqohxx-wRQaQuwHNZoV6ZY0hkFOSrUjtlaf47a_sA2Ul0mWXe1nPvyU3q5ywutTy_UxVkFFSk-YqgpzE6604E9Y3qaLB1XcxDL7WbLWd870JfuSwXZeamCxEFVXyd54kOEyzubp9oB13rU7n3YJGaU1jXEmKX38-xA&cid=CAQSSwBygQiDQsWYrEmQyDFCLUFhGujmv2GIaM718cvublloI9l7h_UUD7T-CIjxD0ou9fVomw70mRa7wYlAyE8Qan51bQ5njOZisPBu2hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=7474999960292844000&adk=1964084972&idt=43&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 13:56:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame CCBA 29 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 13:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 13:57:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CCBA 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A85 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM1aXkrPnTNgM6MrPUDD2K8nIATFKHg6qJA6ZxYDlBRa8ZAe-o8B1rs5OeBszc7pbBJUbUuoaLA_7szCwnvLeomZLYSHbPCc9IOWihFKeRxBp9n8RFOiFXr8_BYz5Bx28FWh4uBiEUMBFemSlpk4EsOqiJv3h3cnzc3jn09U1O1b5LdOKjH-ow2GPRlIjmW2MW8qjFX0f99Q0arQasOhhCDQXhhQOotZxSzknejc2dGnSQuV1HdY8pDbib190DG_nzqlCuhzzbj8BxHeO2j0yclGsfY1wMiQPl6ulWtQ6743JIJFI18oA6vivfiiJzE49i33CvJjzTGDYxB3L0r0AM&sai=AMfl-YScVq3guY7IO6SvJ0C3GehKArCRWpXyd-gc79BfSBxaykDgoE_iE6MQ9F34uDU2ZEYm11qyyr7CQ6RKIMu0EToxO1AKs7wmyfMbB_Qlvw_zPKdVPNFllgAAs7ecp9gCAm_vY7P-xLXd2jEnj8uV&sig=Cg0ArKJSzJREok0jwllrEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 May 2023 21:09:07 GMT

GET
DATA 200
OK truncated
/ Frame CCBA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe628d4a9bc4c23ff7a6fb56823106175d2c6d2692ecbf15c289b4d3cb2cd639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B60 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 84715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 21:37:12 GMT
expires: Wed, 29 May 2024 21:37:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13930567320524598244/ Frame 901D 6 KB
2 KB 60ms
21ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13930567320524598244/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 130459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2166
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 08:54:48 GMT
expires: Wed, 29 May 2024 08:54:48 GMT
last-modified: Tue, 09 May 2023 14:23:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCBA 0
0 138ms
69ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXvPXRfCHyVqTZ6rGGX9RvRh6Mg8TZuTBkcXj565p-dHU8ZY1jSJckpuS_nOBy_fduQudGHSt7hjJQTaPOEnBDaJyrnSl5ODDDET4_X8o-ohatUI7cprVo1VhVA3Kf2D7kOiFyrgD7zsvI71zOvfvSPMpdnivLkxCoOAeRTS73w5_Bkytny_Dp80bdVOsV5mZYtNRUlPLFqFU7cvc1KDURV7-M06_XDVE99Saz8mITucIKyJ8pn_eKgTuyRyp7dmhINKvrv6gXeWdK9hQ1ERPIQFnGYWGk7Eq_bpE2bwWDlT4CyJdfNX5Xr3ObwGEZdWVPJLvBuS6WvIPjYcv4Pwoz5qfTmrbjXAVCDlJUkbw0v8JB0iJ47gtGHUYtxSdxHwT9UMPFsjOOOOeRbTucMIQMVtzWYySzhxlpqP4sY0WA4HoVx5ODTTyxVpzGZF3GZnsmwy2jdqwJweCwnWcSOmu9ldDKNOLm0fo0PvF8snDy0abacEEdxYtIg9EROa5ZsAcG84eo1SdAVVZgvUfUSBXbKI0JIkx6mAhwSFej2PDY0SVSTeTLsAcaqqPX0QHtvvXpC7NMhkYWyEwEjMdnUktbMkkxrcLKfkm5OwrxoNBmP77vGWfBgYlfxcmFITgb72K3vP6QF2ulGoLD5rG15GFXSY4HvympKXzaMQriINvjQE8eo1nGDZ1pYEs8jW62rjyjwJWv73IYHQ69_NY_wEfgk7uBnOq_EpcfejX2yv_eSsDl-iUnIiWWYTSFLI0PVvO8R1LXGooZfoSyOFImZCsR4I0okw-8-dyQdOdaVTnx5lGpFQGoXL8XxcU9CvWGYPnGVTf_3e9xt5KrBVLVimYqSCsCYH9ALrS_CqGpWUG4gbybHY5tS2pea6-Vvy58trVJserRnlk1ExsAsgk1Jp1AIbJtrEHfzNiQvBvZ_-YY7aXkdDyisynvkD8W4pBB5dZj_Q3sazRfpR5sSIneeNVfRztXa-V6VEjdR1rqtSkfcajfm0OVEU8S3ywnHNWUt9VCuzTi1I4zVzoLNu0qTHXM_s0PxA2NmxKt8ld_mUC5_XzXTRBkJuU3HFNh8bLyr74hNEOGtXkD8Dl1imuQ-NcdBQARKL2eTwVyPS2iK_yxEZ3914Gv35E_WFav0TzwgSXFIeMGADyTLALPO2Rf2wCmitY_s1xJ1on0_7lHIU7C_yRERxP-BJi0TP0O5zZtHq16GTTETEweoDZGxR_j9cX3QTxVCDt7z7cNuS_UVpZlRshQ&sai=AMfl-YQ5NAacNxzmuXJdOFyUNEwYT3Th9k-Q1Wmpg0Ums3CNg7E0F9Sn2kPz-Sw0dbVA89RoU2IqF5v3IK0rZ8_FCQjzBQcR-Aroes3cccT-nG5RJqCNSoHfy2DB_yIqZVT7HuWJLdCJa5muGM_U51hxWVzDuzUW4DF-FjMWWqzUg8aXhwzDEUsPbXG_ZqmzYGrYrMw5-ztQtvp3eYAZBOpX6AcPRrqpyrr8sDcR9aA-KqW6LYZDjrGg4afSaLMKZefK6aP-6VbuQsXoOkh2EwuLemJuMprm367H&sig=Cg0ArKJSzAstNMLc2E9MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=107&cisv=r20230530.61056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H3 200 PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B60 38 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 06:44:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 May 2024 06:44:21 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 901D 236 KB
63 KB 143ms
41ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 31 May 2023 21:24:07 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/13930567320524598244/ Frame 901D 188 KB
31 KB 19ms
19ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13930567320524598244/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c470f6a03716a738a3b4639a161ef4d0d3572426eddac5ffc890271a06e148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 11:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32154
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:23:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 May 2024 11:30:45 GMT

GET
H3 200 container.html Show response
f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 41CF 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:07 GMT
expires: Thu, 30 May 2024 21:09:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 41CF 34 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787ed1e9f233b4252d8ed16a2ffe349ae6d520261f22eac2d2d543740878db1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 15:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
server: cafe
etag: 12354464270641361980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 15:04:26 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 41CF 24 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 May 2024 08:18:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41CF 171 KB
53 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 21:09:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 41CF 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 41CF 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:35 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 41CF 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 14:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 14:02:29 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame CCBA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249284/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-7711988207324430&ias_chanId=1&ias_placementId=20111331724&bidurl=https://newsvidex.com/&i...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

49ms
29ms

Script
application/javascript

2600:9000:223f:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: eGK789aVCC2tcX.Lk3Hnhjg5o0a5TSMp
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
date: Tue, 30 May 2023 00:32:49 GMT
x-amz-cf-pop: FRA56-P5
age: 160580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 May 2023 15:51:09 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: SqPS7pQf9GyS64eKLuznv9UG4QUYiD6-G6NPGOh1Zsv5yFxG8qrZVA==

Redirect headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7293 91 KB
23 KB 93ms
26ms Script
application/javascript 2600:9000:223f:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21792772
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GEd5qCg9boi-G3KHibTM54eDLudCSysqewlK5Qlt8SHJRJkcK1szkA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 546ms
176ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeelAM,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:0,renddet:na,siq:29%7D&br=c
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 542ms
176ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeelAN,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:0,renddet:na,siq:29%7D&tpiLookup=ao:newsvidex.com*&br=c
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B60 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN5B1c7d3ZOXpIPC39u8PoeKfsAkAAAAAOAHgBAI&bg=!ZmWlZTHNAAZu7ficTu07ADkAdvg8WssJbBoF7XvC8Hr2IQxnTGY1gwPKpkHFtoZJeC9GYvWPAA68YAH3wzkCEWyMoiqouVRfXGgCAAAAY1IAAAACaAEHmQMmx8_ElGdmtEpp6mykqeX7rWMkm5ZN5HDcJpuGLKuwh0VCAzDhqxPuLWHwRvHRrLz9R2b-1fDEnT-Slv5sMoOroyj_jFWaOT32YRu7yBMExQEj3Xvi7lg6MIj7iZsuK2Ze37SufPteH9WiCxyQE61b9sCgasasjglZINKGWkyYHg65V29Wd83nLqqfP5Hyb1ppeZ-SswWnpjLFUj0AP72DgcgrSL6MSbZ33xOSw-JGeOAOTqF5O80jRBerxF1o-iYn8O1CbFHkwdxaQw-w-WPNq5DBTVwZ0Xqw0obrw4TzSVN2T2nGjpLuvnvGUvvFsfeySqzQc6K9fqSlOFMq2iNrlv-fZdi286Yne0P1afMidttbBO29lZw6f-jfFfX3r6KUcEMGO2HlUwLnnxYiYTKlKHIg5Bu49sJORON8ge_MtTPT0Er5MAVWe93VDAdA-Bdg2VVSkUoBH_Ln-RgMHkCcn4E91LJgKAfIJclQpKl9nEkwNYUAOXopYsnw3MAxJbHdg8Yj_BOJ_78Fv4e8HrfEquT1RwL8r_tFDMWBtGQ2F5JmCBaWWf5riXqMtf0yk3qHW6qnjWHa6gwmqKh8Exdpe5QJvO6ObVuGbRMKNCKxfEyMScp_FtN0OgXQIcyFJhM-ZuBQGwtGcjTQn75RMYVcZR4nuGqRKBmUgJLKNbAALVBi1IRvM1e2_2GouP821GUw6PTG0tn19vZzcrjLt7i8LB4FSa6QIqZjkk-ZEniYdGNXgn2Tq-FgF5G7JToIW2tDIaLpUEj8pmzBHQTj7ZmPhVWgTY03wxn-ZgU4BXT3BqEqBVlDx0hwrZ6O6TV0aQ7uFGiLJ8rzIBMExXXdEZmLuXNRKY8JlDdWtXyc1zZKV0I_EQ6UhOiIH0Cn-VKr55QXe1hDRKh-KNYH9uWhjMh3SyT2Bzxh_7AxbWA3BQLuHMfN1DttfB5olby7kmah2Y9FH4_9w3kUCrC29BXrHFEL7NmZQydgOY9kGv3qIbf5RiS-uFBX_jfleDJ1YkN-E80kRok8A9aIJUTW-TIDa-rY-lSd4GuX7oEd6FPtT4ddifxI8R8jMlc

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
216 B 535ms
173ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeelAU,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:480,beZ:481,mfA:488,cmA:490,inA:490,inZ:494,prA:494,prZ:503,si:509,poA:510,poZ:528,cmZ:528,mfZ:528,loA:536,loZ:538,ltA:543,ltZ:543%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:29,sinceFw:33,readyFired:true%7D&br=c
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 3802123270330657647
s0.2mdn.net/simgad/ Frame 41CF 48 KB
48 KB 20ms
20ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3802123270330657647

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b1c21d289ecbf1f6d5bf0ca42a593f2dc94433f009ff948b07e2f3e0b59ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 23:10:26 GMT
x-content-type-options: nosniff
age: 338321
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49234
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 15:10:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 23:10:26 GMT

GET
H3 200 9466937718860265798
s0.2mdn.net/simgad/ Frame 41CF 12 KB
12 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9466937718860265798

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

761b4560abf14bf5e4de99a07dcb54acc85a36305c020110cca8e1ae56fbdb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:21:53 GMT
x-content-type-options: nosniff
age: 366434
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12230
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 15:10:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 15:21:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 41CF 42 B
118 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AG_C5e6bXheJFc6aQY9D2hvMK3Gtnbb_xATwEaNAv4F8PwmFlEJUoENTJgqz1drm5VI8sTclwxuozEgTd7FDtxEIF7EWcx8oIJqpH6Wkj8ceGePBE7UY-bflRatEMst3JqklRvew0mpP72SemIrp5irSTriQ&dbm_d=AKAmf-CzCigQWamVRY3Byf-A5z3AFPY0lsgB-Jgrp0sgXXLiN0tKUjM4maWtpWlx6hotNWtUvKjGYqXiU25Y3pyD9JZGWBiJPGgBUpJWP8d_DVsWJDwQKIKiHvDoKsni_eQT147QGiq0tfYFL9ufQnsVdRzEzFEaJ0ROWMvispsL6gcHsMSTlt02u7RiuD39v0vvcAsWPGyT12DjANGl7-EcK5LO_JLqoZr0XcVgNbmekElnMa6_fgngWa3eGKj0Jx94QubIg1AT5_WUL58zrvERWGTpEHkQIiiKuxNCAmPdoxmj6uY0z0qdPlNx7jTQkzUr53E9zUwlTIs03aMeTZhVj_VHIK-jhO6Xj5d_TsBfv0Ot4segEfHmdjmCNYAF9z2UGuwACREz3BFtCRXTfh_tqVxHi9HK16kFHpJnCCfFv9CFDRudpXuvv8WxW6MRHrf_wdiUcChEy1XBdG62GkEukYrnkCvCT1gzWknJV2bRNHmwhrdI6Q2EVAN2WqPf5Jhdm7Z-m1I3ZakhRSrWCqyT_muU8okQhekwis6b1x5BasnztUKul9PmB0RxECPqHia2mImP_nDgYHUHZkStpD4_OonlJ76DQEG4VUGyoLTGoyF1xP_028wHWXxr70Onp_g8IUgerhexMzuwZuRKtC8DrTvASkoIrzPoOpMWz8uyRedGsEsljdNb-ZEoPdjOB3vijtf5jx-h009RFtwb_FYi2CfAUT8zYG4xc9FyHZH0kHU2LPuVNtVrInn-TWOFAAqQKs0e1bRny9G34_I2PA7i6aAK68AaMjJWuAgkav1sM6Lfmy57GlYE9SdI3eTGhKXeDk5Fv7do6dGSB4BBZDTsbX4BpoZiwGaqUzK7mI5bTSPyQbhJ4fu-shn1H1KIPF2-g1K_U0IDIzBdv8jOQUy9XdY52hmHVlPG5QPR9FAKEPujLCC15AsmTdNMcVFfpftBB3Tswi9PUo50UfVl4B0AdxpivLcNFtA8B3hpRFMPlfFkP1oZWVNd-dfHRGpCyS31igd5_RaOgbde9D8W38YNx5HSQNWTkXIO2nnziE5OUurNsyvqVBDDfrNRheLrLIiVJvbr30MRKDw5rUW6X-cSyepo3rWXtAjYIqt_Pqa2T_Koc8lN9CWZLP9HJyirFkN2cmOtJmlhNmiWOQLSH6yJ2eCxmSXZYVfKvyTd15cty-GeCzrlCbWEmO6157Xd5IZHzMla_4rrFNYnTSi8oqTEcClq_lXCbtkdiVRgp9BtaMDbSCRreSWD7TmsIEBaKb0DiJu8vf7_NGfInea2UzKp0NUyd_G6zH6RfjWyPmhbqedi1XOQiYlpet5TedFVodQo4WUgxxZt6iheGqbaNaFm3iMspcTPxpTS5NPMXGrw-e3QVOq0CVWJz3O37tylrtMFDRtDvGj1YutRdYtvZrPkMwI-y4cmRg3fYVQmHhOFroAFn7L9_yc4LYZAOK9pB5Mo3go1rhbAjyMpAMppcxsQf8mtgRGg_7iygcOycAOnSfZ5We9ZbwhAkZOQCK62Xsx_a8xVIA3pki8z6wGO5ERu0svx7dHfIKjgvrqGkw9QMHT7NYQ6RQahcHAybKpk6UxyrmANE8-UHPT51zKz7_-uPhIL59dPiR90AmmfkW6s8Sos3RUTrXenlbLOfsNYrE6IKOn-NwFSrrXsURQhsBCtbc2oaGADXgKWhTVnzosdShOoA5U0YfDEycGaMJ-rKmPywl1SAqfNcPI1vzXtvlyg2ekJhLvLI9xYc42viLlDOqqgo5KtcOwMvulP3kSAUHjpp0ONjxZ1ie1RDFhOqE01YgJrkJEVgB2In_MA588voAOZxwWLyC-B-HjJM_TRKsqlW2VTjz-Uwz1FT5Kex3xyP829lpCTJATFdjDfWXUi8GfxviwukxtjqJR4fIDWLeFMKbmYU97s7WV2AlZlZYgpF6ZlYRvDWJV76vX3LFJQPwf-achjKQ_MQaMijcNQ_WGZTmiWW2gRuI-6-c5kZW3aGX9zw6p2B3q_nKTczu-QTaW0GHLuu5YzhIM37-1iJMBHIN23d5kyXHi4s-xX0UmHsBvHWL-dcZgGfw-CTwEqM92ch54aiCmy5bsnCxcfCfbzNvU0uXrx7auevO31XVsGsKAMnRICvmcIx9xsR7UpU0_SZLscXMrMjr-A4JPUKXVUfOvs6pYNJE3EQRFCZNfevuH6HKdZPbtx3Y84n1BRES2YXOWXkdHkfKzj2JgB5X9bRC8VyLNQurE8DtS_ly1uA3XMIigpfXz7zFK_4zbFwehQgQMLzv3QmWtUa8qeh5fm5vH5Rsrz0_IEbxj3fk-lPiC6jw6HfXoks-qYSU-79l_LRjT_NVI4ujyOgdepwSxZs4gYzovv_XZKpdSQ5sQDLhhID1eEq2vBgLX9S4r8d45_bXhNfkNipdrE_MyhGz-8aC8Lt3ZY8TpqVIoGRczjhX4DuOFM5T86_QISne623Yi_rgXvy8Io55pX7TrmMuYRoCObGoqJfquH1uE0G8RqG91jlGkJ-7FgONMunb4qeifsZoeGYqCxAbKaqZ5oXFh5FK-VqRHEcFV5Oj0e5H3uh_g5mI2fvCh1O8l5Lb9oYCO808MfEnACigMivPk8YNDHJpLUMesQGJLVviJ1sXzSulKMwOY365z02ejrqZ-vGbvbOKzNH0I0HpK2tYgeI3zEmFrvCq40T4h4T2F4Brt6cnFzcJZVeWRKJa8up-rIghB_brbEwRvgDMHOfohDU6LJs732xNrvWRxyja-kIBKbAdJwZ63X9As9MfttufsYJfROz0jD1fJPS-ByT02w76ZC2QhZ6zaIdJFacLlG_pJHgFyLHMySwWLmKt0Df32mxspp2KtAU1TxRMgfggjmwIw-BiRLtpoA1r0La-YsdYqz-r1Wl8_oTbushNQUyIZZoVUUwRA-ECdH1G2t3DB380SduEDxiuo3dsO0cDT3YO9-XmX_VvGoRvlzxOEJ57jEiPDYCYRsRjRHQbUMoE-NDwpiDwfXQjp_yVHfrHLSTd7ECzTs16Xf5sFRMozwC7Omvs6_1FZOhow35r9ZZvIIsfkruVrEHFBcld5_JDQblZTYywRaqr0JDXtdhuJhQgHXMgfSyxwtBrsEoWhWLFGdgjYb7BIO0fPped-E6Y-dtsem5VMTxPhJbQgKf376Ev05FqRO-ZujJvtd0QHul5tJ-HNedo6FLemJmrg28MEmtnvABFRGnexV6jMbnYUJqF1gf0Yg21EXVj0WjHzf6eMKDfaABB-CITZKCC8CBbuZK3l46BiGP-OiKoKwy6Wan56QUdd-DwOW816FENYDAN3lttjrdXaxhbw4HGEiPRgvI1l6tkwgo2oVvqsdEaEmOm2DcZjQjmUfXkQc-Smdsnk6OedLQnihfjEV&cid=CAQSSwBygQiD9VEep-jxS5d_bhcEA8hB68Wof26lE-zDD9w9oBAowX7fe9JHP_hD3fOTgDS8uF7DEpdECXiUB9jUG3uDDO5lv2rtnnnsnxgB&dc_exteid=31093229483546081728344304319634613&dc_pubid=4

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 41CF 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDfHUc7d3ZJWvFomVtgeCr5mIC4qftMputoqqnPQQ8C4QASCTxZyaAWCVypOCoAegAc2i76woyAEGqAMBqgTvAU_QVz7aFv_RK8OBhOQrrlHc6YcxhFc3KOrVME8UJKE2HaCObakftae6SlFTWDeIy-_0anQZPQfQ7Uj_WO6qRAG4KKLhJUdLPo-AMoyRIdCDPy-ps9P9JN99Fm1cUnLrH4AD1rQgFaQu9Ik7CtMO-wL9p4RcV9ga9qD63dPOiHJS6yAQ005TrZKfa93X1Td-sJLlPMmb8Lc9XgRWDdMR7M1ICtlL4Kd0HTxEWCPfbd02BcmTuyhkq8lAP0T8bheKD6YQA6PaC_f0yo1etDtDNviKxPfcPLzXcK67Uu2NKY9RZw8uJ8xCE2itpS4IA04IwATdwu3xnATgBAOIBYS6iP5IkgUECAMYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHzdq_jAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChC4yhIYj5GA4QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBsBPtgb0TyBOjj-LhA9ATANgTDYgUCNgUAdAVAYAXAbIXHwodCAASFHB1Yi0xMjMxNDc3ODg3NDYwNzk4GPKEkQE&sigh=32koRxc3yRM&uach_m=[UACH]&cid=CAQSSwBygQiD9VEep-jxS5d_bhcEA8hB68Wof26lE-zDD9w9oBAowX7fe9JHP_hD3fOTgDS8uF7DEpdECXiUB9jUG3uDDO5lv2rtnnnsnxgB&template_id=509&vt=10
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D42 143 B
228 B 19ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 20:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41CF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceb657c8807e0d1ccf34ac2f99271c3c00a8404bbe72e43645872c6f2993b3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/13930567320524598244/images/ Frame 901D 19 KB
19 KB 20ms
19ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13930567320524598244/images/index_atlas_P_1.png

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 11:30:45 GMT
x-content-type-options: nosniff
age: 466703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19411
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:23:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 May 2024 11:30:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CCBA 0
0 60ms
59ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXvPXRfCHyVqTZ6rGGX9RvRh6Mg8TZuTBkcXj565p-dHU8ZY1jSJckpuS_nOBy_fduQudGHSt7hjJQTaPOEnBDaJyrnSl5ODDDET4_X8o-ohatUI7cprVo1VhVA3Kf2D7kOiFyrgD7zsvI71zOvfvSPMpdnivLkxCoOAeRTS73w5_Bkytny_Dp80bdVOsV5mZYtNRUlPLFqFU7cvc1KDURV7-M06_XDVE99Saz8mITucIKyJ8pn_eKgTuyRyp7dmhINKvrv6gXeWdK9hQ1ERPIQFnGYWGk7Eq_bpE2bwWDlT4CyJdfNX5Xr3ObwGEZdWVPJLvBuS6WvIPjYcv4Pwoz5qfTmrbjXAVCDlJUkbw0v8JB0iJ47gtGHUYtxSdxHwT9UMPFsjOOOOeRbTucMIQMVtzWYySzhxlpqP4sY0WA4HoVx5ODTTyxVpzGZF3GZnsmwy2jdqwJweCwnWcSOmu9ldDKNOLm0fo0PvF8snDy0abacEEdxYtIg9EROa5ZsAcG84eo1SdAVVZgvUfUSBXbKI0JIkx6mAhwSFej2PDY0SVSTeTLsAcaqqPX0QHtvvXpC7NMhkYWyEwEjMdnUktbMkkxrcLKfkm5OwrxoNBmP77vGWfBgYlfxcmFITgb72K3vP6QF2ulGoLD5rG15GFXSY4HvympKXzaMQriINvjQE8eo1nGDZ1pYEs8jW62rjyjwJWv73IYHQ69_NY_wEfgk7uBnOq_EpcfejX2yv_eSsDl-iUnIiWWYTSFLI0PVvO8R1LXGooZfoSyOFImZCsR4I0okw-8-dyQdOdaVTnx5lGpFQGoXL8XxcU9CvWGYPnGVTf_3e9xt5KrBVLVimYqSCsCYH9ALrS_CqGpWUG4gbybHY5tS2pea6-Vvy58trVJserRnlk1ExsAsgk1Jp1AIbJtrEHfzNiQvBvZ_-YY7aXkdDyisynvkD8W4pBB5dZj_Q3sazRfpR5sSIneeNVfRztXa-V6VEjdR1rqtSkfcajfm0OVEU8S3ywnHNWUt9VCuzTi1I4zVzoLNu0qTHXM_s0PxA2NmxKt8ld_mUC5_XzXTRBkJuU3HFNh8bLyr74hNEOGtXkD8Dl1imuQ-NcdBQARKL2eTwVyPS2iK_yxEZ3914Gv35E_WFav0TzwgSXFIeMGADyTLALPO2Rf2wCmitY_s1xJ1on0_7lHIU7C_yRERxP-BJi0TP0O5zZtHq16GTTETEweoDZGxR_j9cX3QTxVCDt7z7cNuS_UVpZlRshQ&sai=AMfl-YQ5NAacNxzmuXJdOFyUNEwYT3Th9k-Q1Wmpg0Ums3CNg7E0F9Sn2kPz-Sw0dbVA89RoU2IqF5v3IK0rZ8_FCQjzBQcR-Aroes3cccT-nG5RJqCNSoHfy2DB_yIqZVT7HuWJLdCJa5muGM_U51hxWVzDuzUW4DF-FjMWWqzUg8aXhwzDEUsPbXG_ZqmzYGrYrMw5-ztQtvp3eYAZBOpX6AcPRrqpyrr8sDcR9aA-KqW6LYZDjrGg4afSaLMKZefK6aP-6VbuQsXoOkh2EwuLemJuMprm367H&sig=Cg0ArKJSzAstNMLc2E9MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=389&vt=11&dtpt=279&dett=3&cstd=107&cisv=r20230530.61056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 21:09:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 May 2023 21:09:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D42
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:08 GMT
expires: Wed, 31 May 2023 21:09:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 21:09:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/13930567320524598244/images/ Frame 901D 112 KB
112 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13930567320524598244/images/index_atlas_NP_1.jpg

Requested by

Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ded26ed14c8fcb1ecfb6b333c738b9ca5a2a2d69e9cb0e6147ec61333d963f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13930567320524598244/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 03:16:52 GMT
x-content-type-options: nosniff
age: 150736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114602
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:23:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 May 2024 03:16:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 437ms
174ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeelCu,time:161,type:e,im:%7Bpci:%7Btdr:101%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:146%7D&br=c
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305250101&jk=3085292455104152&bg=!xsWlxZHNAAZu7ficTu07ADkAdvg8WhFCEB9kx6OLTSdI1DwUn2BWPGRjiV64VZ2wDCyQcS0fzdOwFYWJ2pMoto0acQWdSOLv43sCAAAAtlIAAAADaAEHmQL9qdL9eXZUT6-PGhQxk8iHQsmV4Nt92Mbci-l_auFDxehG2OGYzEd9_AJTW4-3Q6oZG2atUTMrY8PndrP1WJf33ZHe4yvh1K4g9cH5-gtfSCUHs92Wn0sL_e7WCr4EXWfckqWlR3K0rpOTuC7cYmsd42jKdq4TspVyD5XtmfeDwDgPMfwA_k3aNq8hOuAyqkxwSPKmxlFi2SPccbiE2G5l02Qo6UohRqqi92gKrtW8AFvEqy6wUs0jXDXHCnMUgLT2tPTMWORbNi6-kO6XoFWeCwROVKLQRbVXgVB3rGhiE4rSUxm8AgrTTkm4KLITZsptzftqN77C9JVNLejNe__7thcxjm2u4WbjrH3fN3Algys3g1Lz9hPkAunjvvRY0qIWDEcJMTV0tHm4v69pkMm9L0hAMITet1lFjH485hrC05DxBtHsftiuLCnuGLEbIaz4NtHdEYG_kxUP_HHvG0uEUanfqfPGZI0shtzxVz8adUgBacgqW-XVzuZwGmdJWFQ-wKq3rmbMM0GAZA8yOCXv-JhxiJ7XUPn_pujD8QNtPqzs8b4uI-F2JLkswSaLqpUdRCs_V69p35HXB-IgvhVSZAtNBWF3yj7MJz_Hg9KwBMfKPU6xIuIPMcJePhE0Pg3PjMDdawtOGTVb75uUsdgWOL4DZVTFw8UsbJ0WvUYokfautqlWtAmAQR1HSWcXMIF0ZEQhvHlbi4CT00txu9hQT7jlFhkwTupwMLZFH2OR8GWf35k75C16nWO76iskpnapK3gyzFkkdg_TkX-MKba18neXJf55lRWY7E7mtR_FZOAcUCnXOARuG04rZ8gzJEsACxm3vIN2R96O_qJ6D2_rBALvuVZbrsqODhahg9JUIGc_Dr90_wNuwiO7xXHuWlQ4xSvpAMhDuROj64LYqEa6sqBU39Uy4yMlOjjsshmJNAyw71EoDlFdNN7IwYVoASxmVT8MQCuzj8VoaWMmRKnYx8_Hld4DXXUJs1dfhEDgL1IbpMo_vO5G4vAIRKun
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeelGR,pingTime:-10,time:432,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685567348325%7C%7C386b90e99741f0bf5f063b1df4e8c4ea%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7C2736b608f0bbb78a2b088d5f3897acad%7C%7C785ccef0b28a88652017fd3e3150bcde%7C%7C14c91c16ed3de42567e8afeaf5a5892e%7C%7C1ca2ff793d9b230e7ee8609d9bac3684%7C%7Cfc3e75026e98085adfa79a00198fadf2%7C%7C1663701684%7D
Requested by: Host: f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
URL: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCBA 42 B
174 B 58ms
56ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvofhUTm8mzF4RLvMUJmzkzdvjsrV2xd8BSS0d4W8Z1tsvOapCq5UbP4NikDjja9RtnZJn5-QWYFkIj37dZhMLb8ZxcWyE7zbIVAfxAoQUdr-z7BxVHyigqsQQhEpj_dzDWUPgWIw&sai=AMfl-YQLDE0WNO6BFVNZ39SuwF9klITXQrz2pZ54f8nphNpa2NjiOYgRVsGlO59nlcnwlMnYOnjgFw_nhN6uAWmtMmHrm6UXfzapHPIfP_O94vrWGIXrqF97QqpD79MnvLHe24aKTR3YEDAPlMo-&sig=Cg0ArKJSzKodb26jvvk_EAE&cid=CAQSSwBygQiDQsWYrEmQyDFCLUFhGujmv2GIaM718cvublloI9l7h_UUD7T-CIjxD0ou9fVomw70mRa7wYlAyE8Qan51bQ5njOZisPBu2hgB&id=lidar2&mcvt=1000&p=174,650,424,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3510210174&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685567347413&rpt=269&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41CF 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJ_X2hEY5OD0oQX96iSRqZYnM8jd1HIrYkmIzE7Vs00KcB7jkefyNSuK-6qT4gsLQ0G_lslAkoFGg350X9OpCVc9F1r0_W2NW-wYJ_Vut6iqMct8kNpRwqf0ZK0skDQytJGoMzqw&sai=AMfl-YTlsloiOzdJec0ZY85LXPOrlsEVW58xiRDNhojOINzvzxuQ5n4j31K_8oQcejQHeL0Q9D5Opmpe8kpR_BeomecOzsaZcjabcvZHBcKvFF3Ovj1491ViLO2ZWnuU5SOrbM07g0iTUTP1Pjwq&sig=Cg0ArKJSzC8NVTVi0KGcEAE&cid=CAQSSwBygQiD9VEep-jxS5d_bhcEA8hB68Wof26lE-zDD9w9oBAowX7fe9JHP_hD3fOTgDS8uF7DEpdECXiUB9jUG3uDDO5lv2rtnnnsnxgB&id=lidar2&mcvt=1000&p=546,981,758.953125,1281&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=3510210169&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685567347843&rpt=174&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBA 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=185979354508&version=m202301230201&ct=76&x=1&cor=7474999960292844000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 183ms
182ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeem81,pingTime:1,time:2116,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1115%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1103~0,0~100%5D,as:%5B1103~300.250%5D%7D%7D,%7Bsl:i,t:1115,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:146%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:10 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CCBA 43 B
215 B 183ms
183ms Image
image/gif 2600:1f13:800:7780:388a:4e28:ec95:c591
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=8607c8bc-972a-7d6e-955f-a6be92af37bf&tv=%7Bc:eeem82,pingTime:1,time:2117,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:1115%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1103~0,0~100%5D,as:%5B1103~300.250%5D%7D%7D,%7Bsl:i,t:1115,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tFS4Ozj+11%7C12%7C13%7C14%7C15*.1475223-71249284%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:146%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:388a:4e28:ec95:c591 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 21:09:10 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsvidex.com/	1970-01-20 21:48:47	Name: _ga_J2YRJREY02 Value: GS1.1.1685567346.1.0.1685567346.0.0.0
.newsvidex.com/	1970-01-20 21:48:47	Name: _ga Value: GA1.2.1586909333.1685567347
.newsvidex.com/	1970-01-20 12:14:13	Name: _gid Value: GA1.2.1896034888.1685567347
.newsvidex.com/	1970-01-20 12:12:47	Name: _gat_gtag_UA_247050099_1 Value: 1
.openx.net/	1970-01-20 20:58:23	Name: i Value: f3091fca-a22a-41b3-b9e0-f9720a54ab7b\|1685567347
.criteo.com/	1970-01-20 21:34:23	Name: uid Value: abdd69fe-9797-42d6-b900-38b63be60e6a
.doubleclick.net/	1970-01-20 21:34:23	Name: IDE Value: AHWqTUko3QJ7VyX99BsLZiJYYahbgg3ydQA9KUk7SSAPXxixZZsPs_2krG9x9TD6EDU
.casalemedia.com/	1970-01-20 20:58:23	Name: CMID Value: ZHe3c7aM0r4tDT6TTYdvrgAA
.casalemedia.com/	1970-01-20 14:22:23	Name: CMPS Value: 2141
.casalemedia.com/	1970-01-20 14:22:23	Name: CMPRO Value: 2141
.adnxs.com/	1970-01-20 14:22:23	Name: uuid2 Value: 8943466914909333531
.newsvidex.com/	1970-01-20 21:34:23	Name: cto_bundle Value: QC6cWl9kRWNib2R4cWNYNTF0WGxQRTM5Y1EzV1RndERUMVhUN1ZWNjBaWUdSdmFSJTJCbTlGTWZIVG52N3NKJTJCRGxOcFNOMUtRbiUyRnFsZEczeThuYU83YkhEVVpsQ3pjaTRKVzBKM1NuJTJGMm5wVFdDJTJGUE1McFpXSFVLJTJGZXNPJTJGbyUyRkR2RHBMJTJGemI0MlJ5UiUyQjJiU2lpM1F4VGtlaWdCdyUzRCUzRA
.adnxs.com/	1970-01-20 14:22:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>rg_yi!]tbPl1M>e)ZlrFUfJ+tGXxoiISu*.HQJoOKF314F3c0r>N.[bQ<<>zuH4+/3If)y3KL9D3I?+wBt3JB
.doubleclick.net/	1970-01-20 12:12:48	Name: test_cookie Value: CheckForPermission
.newsvidex.com/	1970-01-20 21:34:23	Name: __gads Value: ID=586b4971d30d23c2:T=1685567347:RT=1685567347:S=ALNI_MaHi-0OJRyacVQ5dwZIhSA3Ry4W1A
.newsvidex.com/	1970-01-20 21:34:23	Name: __gpi Value: UID=00000c3a6f25b21d:T=1685567347:RT=1685567347:S=ALNI_Mb8MAGoY-Q5CTFq1Os7axmkLHRTHQ
.doubleclick.net/	1970-01-20 12:12:50	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
f6a2d9fc63139c30eaea1f680ad1e3a6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
newsvidex.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
videx.slidetext.xyz
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.145.66
142.250.186.34
142.250.186.98
162.19.138.118
178.250.7.13
185.80.39.216
2001:4860:4802:32::36
2600:1f13:800:7780:388a:4e28:ec95:c591
2600:9000:2057:1800:a:e047:753:be1
2600:9000:223f:1c00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:3031::6815:3f5c
2606:4700:3033::ac43:911b
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:f::213:7edc
2a04:4e42::485
2a06:98c1:3120::3
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.190.39.111
37.252.172.123
52.212.200.11
54.72.36.188
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
039f4f6707a9960c31a82f09c37343657986f24beca2e17f118e394aae9fd61b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d376e780bcc5c6dd54272d535a39e4346ac241d12870b555cd85b4ad734ea40
0f6ff27c5890227023081cc25120b1d4079f18595719452d5ecbe2a5a89b8965
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
21cc19ebfbfa5aa7eea33b08c4bc84780166b72245aa254f8ea59173050d1a89
24b1a1bc69ee8ddeb66c6ba461ef65f385b91f33425fa9b5184b86c85d75789e
2592fccd44d05fbbf8eb7180dea322b12a01759066348b886409974556007d48
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28ff6e0765548f602ff2a918f77e56e75ac91ec57cb4a89091fe73a94d22cc55
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341aabf0136ff91a0b217d47f7d3cd1aca34be3c01c16ba6da65ea8cb9dd7e34
364a5c27d2ac8b5f566046597a12ab16fcb1bacc833561b04ea9ea7837ff4cd1
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
3860159a79dfe110b5ddb3394443c46bf5ec1af3e95bfa898cfcb6fa2c940b6f
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3ba5ced30dc202e872b6bf534ebdcff1eff7c012739f6d5b1147f035eb4ff819
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c05cdeb4708b33a0fd6b505737f78b0d3b0aaaf29197b2ecc0abcc35de612ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a2da971256e9b7e47537be1d6e96f4da7ab1ab9274137cf2156f25a812ae759
5a68bd47337d24bfad49cda4c4427a9abdf8d09d1a52c09819dfeebb08442245
5fcd13ff73e6f08142330a01a103472b42f3b400ce7a058a7e13cc57fb67ba0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634154a794d95a39d31d0d51457098fc5ade6e7a19b47949a41b5f97b32ff227
6458f6ab36bab1309374c9f6213a9e962c5a2ca3f572faf474a2b0780b07797b
64d8b90f5b453ad0e19e7ee11724f05a2e2343cf9c8f5ffba9f55b8e79f24781
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ae86746bb84672f3aa13b98d38acc5bea34b389d93389dc42a5656119b57b0
72a0bfe74654a39eb0c6b6a9009ed69ffcc224eaf304306ca2c042f94e54438b
759e721fbf87f8de9aff0ce6d79f7cff7bc87b89ac9c5b06dcf881e704ae8c43
761b4560abf14bf5e4de99a07dcb54acc85a36305c020110cca8e1ae56fbdb9d
787ed1e9f233b4252d8ed16a2ffe349ae6d520261f22eac2d2d543740878db1f
7d3d3e006fed403fe21adad67236246365b16a1b00baca471bfa3f9552424146
832e853ddf5ad4669001e0d65e248658663d432dd2fdaade12f5b46378d36107
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2da4035b64bd560a43c5d0ca0a8bce3ae72bb724563284c98d435f071a7a052
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
aedaaa674ee2b65204a2982354ebf1d005aef71bdbcf86c13e998be29640b717
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c3c46a5d4705381ab41e753e1566c3f617865787f76791335ac67c901782d4
b5b1c21d289ecbf1f6d5bf0ca42a593f2dc94433f009ff948b07e2f3e0b59ea1
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c2902e5c19fbbe4b0c6bcbfb1ef627bf4a75df212eed136d0aa260d4913b9e2d
c54e0b595aa8298e7391b271be3ac496b01b7bd54e5a72ea2621404438b845b3
c95cdf0fcf4b02d8705a9b266c4125e59128edcc4fb0d5833abe35c3f8d46aa7
ca23e5f1a7037e6c6d8979a2f9864d021854d4ade0a20b27fe891ad883f82c16
cda61b2f561931e2a58bfaf1554e86ffd94e08b5dd29c4d515170e5834f4e629
ceb657c8807e0d1ccf34ac2f99271c3c00a8404bbe72e43645872c6f2993b3d1
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
ded26ed14c8fcb1ecfb6b333c738b9ca5a2a2d69e9cb0e6147ec61333d963f40
e2c470f6a03716a738a3b4639a161ef4d0d3572426eddac5ffc890271a06e148
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee6f6515148c0e0daec50262a4685e70ef06bed18f84334c29b38da8c29d1e03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f831c9f5476673ec38d8560d2b1ccfcc7fdfaa8b76feb2dc4e897c525feaada9
fa007a6b8cd89f8829ef2abbc9f843e1fd18961999cdd3eed7ba9952413110d3
fc4f2ba34a3c62f6ebbd6c47b722218a218090757a7728a0c11c9fdffac6de73
fe3b62b4fa6b83072e31681bb6771d2bf7c4d09f7d80472b0eb53ac762c591fa
fe628d4a9bc4c23ff7a6fb56823106175d2c6d2692ecbf15c289b4d3cb2cd639

newsvidex.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

94 %HTTPS

65 %IPv6

26 Domains

40 Subdomains

39 IPs

5 Countries

1854 kBTransfer

4549 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsvidex.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

94 %
HTTPS

65 %
IPv6

26
Domains

40
Subdomains

39
IPs

5
Countries

1854 kB
Transfer

4549 kB
Size

17
Cookies

122 HTTP transactions
3 data transactions