all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://185.218.124.16/?Z289MSZzMT0xNjYxMDAwJnMyPTE5NzUxNjk1NiZzMz1CRQ==
Effective URL:
https://all-news.co/
Submission: On June 25 via api (June 25th 2023, 1:38:35 am UTC) from BE — Scanned from DE

Summary HTTP 166 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 24 domains to perform 166 HTTP transactions. The main IP is 5.189.131.58, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is all-news.co.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.218.124.16 185.218.124.16	51167 (CONTABO) (CONTABO)
1 35	5.189.131.58 5.189.131.58	51167 (CONTABO) (CONTABO)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.212.95 52.222.212.95	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
3	18.173.190.175 18.173.190.175	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::272	54113 (FASTLY) (FASTLY)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	52.94.233.131 52.94.233.131	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.94.222 54.93.94.222	16509 (AMAZON-02) (AMAZON-02)
4 13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	18.197.42.180 18.197.42.180	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c153:9878:d174:5b1b	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.170.136.222 54.170.136.222	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26da:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02	14618 (AMAZON-AES) (AMAZON-AES)
166	28

1 185.218.124.16 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi1333123.contaboserver.net

185.218.124.16	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 5.189.131.58 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi481268.contaboserver.net

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.212.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-212-95.fra56.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.190.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-190-175.muc50.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.233.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.94.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-94-222.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.42.180 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-42-180.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c153:9878:d174:5b1b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.136.222 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-136-222.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	546 KB
35	all-news.co 1 redirects all-news.co	7 MB
29	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	176 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	194 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 957 static.adsafeprotected.com — Cisco Umbrella Rank: 628 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	99 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	119 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
6	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 9001 ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 19341 wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 26286 fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 8125	18 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	6 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	224 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	451 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 601	363 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	713 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44520	610 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	464 B
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 481	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	601 B
166	24

	Domain	Requested by
35	all-news.co	1 redirects all-news.co
24	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com all-news.co
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
9	s0.2mdn.net	all-news.co s0.2mdn.net googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
3	wms-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	all-news.co
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects all-news.co
2	sync.teads.tv	1 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	fls-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
1	m.media-amazon.com	ws-na.amazon-adsystem.com
1	ws-na.amazon-adsystem.com	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z-na.amazon-adsystem.com	all-news.co
166	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
all-news.co R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-18` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-16` - `2024-01-21`	10 months	crt.sh
wms-na.assoc-amazon.com Amazon RSA 2048 M01	`2023-03-21` - `2024-01-14`	10 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-19` - `2023-10-18`	a year	crt.sh
fls-na.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://all-news.co/
Frame ID: F7DC839E062BE2B02D795EA193F819DC
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: E1CC5D5B1AE2A55CEADCB6C4225F71CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1687657106&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657106858&bpp=9&bdt=334&idt=99&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&nras=1&correlator=641373793157&frm=20&pv=2&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=138
Frame ID: 6BC207B79099F2F2B6B2A9DB7D2ECDAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1AC55D8485410CFD09833D217D3CBB87
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: F648F38F15C9FE3447686E2EDC5ED76B
Requests: 14 HTTP requests in this frame

Frame: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Frame ID: 185943EEDC0B19328C522A2A57E9E222
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CBD3D0FF7454F5C6CBB60F967B3AA0F9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C1A69E2E89687A82F2D7648BD8EE13B6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1687657107&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657107510&bpp=15&bdt=986&idt=15&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ETRApd7VSR&p=https%3A//all-news.co&dtd=22
Frame ID: B57DCA6948A7DA553E22C504C40AD00B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A61827E76015B2D34BE7F1CF04097850
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: CC8658FA19DC7863A50BBACD152A940B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 68C0EFB925067AC93A92F59B3F9494ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8595063B563536AD52E8A2DD3458067
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Frame ID: EAB30EA5C87DCBA4F56A5227DA38A956
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 465B49F4B566E92A2A4405FBE7CFFCE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D3EF60B448854A5CD1C6272FA7E7A45
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AACD83E72AE3F883764E66151E01178
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUfzVSpGrjFFw7Q_tW6X9Z7WBjHp9x3LrB6Y8GMha3DwW77VRtoHnoHXICumevxMr43DK3q4aymUwg1vbJiJ-LBIZ13NaRSIBuecid7oDfl0JNuGqbt07iTFMbriOqfirGALuoSv3D4rHcvbqz4bCWdpmyAIPAfcH3OqE3XO1dJBxevXT0
Frame ID: 7EAACBCB04D5A900941AECA0464F38D6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8D80B9ED914AA09DB6623FC9C161DABD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 749456034B77FD0988B62A310663695A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: B55684130FC16EB67DE69F893D366B4C
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F173BBE7651A4ED4B28BED7DC62348F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - All-News

Page URL History Show full URLs

http://185.218.124.16/?Z289MSZzMT0xNjYxMDAwJnMyPTE5NzUxNjk1NiZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

166
Requests

93 %
HTTPS

44 %
IPv6

24
Domains

34
Subdomains

28
IPs

7
Countries

9052 kB
Transfer

11485 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: Subscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://185.218.124.16/?Z289MSZzMT0xNjYxMDAwJnMyPTE5NzUxNjk1NiZzMz1CRQ== HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZwlQu9-cIK2FetYE-GvJrqIAHhaOiLAVDO1u-OC-d4AsVepf3WIBTY1qdk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZwlQu9-cIK2FetYE-GvJrqIAHhaOiLAVDO1u-OC-d4AsVepf3WIBTY1qdk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YlVVdGhBWUgxUWRlSFc1&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZwlQu9-cIK2FetYE-GvJrqIAHhaOiLAVDO1u-OC-d4AsVepf3WIBTY1qdk

Request Chain 90

https://um.simpli.fi/gp_match?google_gid=CAESEEzhuYdIStvFu-bPs-UZ7kU&google_cver=1&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYkdJVtcJXtab9XA5nA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFF830C7F6BE4D97B8F1666B7D7ACA77&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYkdJVtcJXtab9XA5nA

Request Chain 91

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFjU47l5fE9oetpXS15zzM&google_cver=1&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq66OynHPJ_QcKZki1ut0uo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq66OynHPJ_QcKZki1ut0uo&google_hm=lwesacUjRd2rtXX8zPhlTAU

Request Chain 92

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMHjF-sBsdl5assgwmkfsGA&google_cver=1&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMHjF-sBsdl5assgwmkfsGA&google_cver=1&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g&google_hm=A0rJYffoSrGrrbRQ7I3Dhg==

Request Chain 93

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBNWHjeyBSv5d8gM97CJ-jk&google_cver=1&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCuvstzuBIs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCuvstzuBIs&google_hm=eS1sR2pTUW5oRTJwRXExTUVVT2hiMHBoaGhZeGNBSjBNcn5B

Request Chain 94

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLp2e8tXDFIqsF9SmoZHG8&google_cver=1&google_push=ATf1kGPcN-c5IdfhVNp0mPCoyvRbZ35hfvViJFOzag5VyX7Y1gnVhFssTzG9TwD4DU9pAi0Hvv-zJ6rAa25zH1VvdeIMOYsZjozekVDP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPcN-c5IdfhVNp0mPCoyvRbZ35hfvViJFOzag5VyX7Y1gnVhFssTzG9TwD4DU9pAi0Hvv-zJ6rAa25zH1VvdeIMOYsZjozekVDP HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1&C=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJealM5VdyAQejiOLRx-wQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHloBkPe5_n0UEn3vaSWzww&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHloBkPe5_n0UEn3vaSWzww%26google_cver%3D1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2ODgwMjc1NzMxNDYwMDQ5Nw%3D%3D

Request Chain 145

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL9NMlME3CeBUFW_UcQKidI&google_cver=1&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lxaILliyvdtJ6DiTw-Cs1_VMQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL9NMlME3CeBUFW_UcQKidI&google_cver=1&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lxaILliyvdtJ6DiTw-Cs1_VMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAyMDQ4Mzc4MDY4MDAwMDg1Mw&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lxaILliyvdtJ6DiTw-Cs1_VMQ

Request Chain 151

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8439024877331049&ias_chanId=1&ias_placementId=19429846202&bidurl=https://all-news.co/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iBFzz6dKzgyjk-lMcUozcG&adContainerId=brand_safety_lJqXZMOlMIi4x_APhs-tyAo&cbFunctionName=goog_wrapCb_lJqXZMOlMIi4x_APhs-tyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fall-news.co&adsafe_type=y&adsafe_url=https%3A%2F%2Fall-news.co%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8439024877331049%26output%3Dhtml%26h%3D250%26slotname%3D1203090826%26adk%3D3296947953%26adf%3D4134590787%26pi%3Dt.ma~as.1203090826%26w%3D300%26lmt%3D1687657108%26format%3D300x250%26url%3Dhttps%253A%252F%252Fall-news.co%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1687657108366%26bpp%3D1%26bdt%3D1842%26idt%3D1%26shv%3Dr20230620%26mjsv%3Dm202306161001%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1c14c2c5bfe874d0-22d7295ee5e10068%253AT%253D1687657107%253ART%253D1687657107%253AS%253DALNI_MYRA3n__wYScDvARiaozIrzMileVw%26gpic%3DUID%253D00000c67b3fcef17%253AT%253D1687657107%253ART%253D1687657107%253AS%253DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A%26prev_fmts%3D0x0%252C1600x1200%252C1005x124%252C1068x280%26nras%3D3%26correlator%3D641373793157%26frm%3D20%26pv%3D1%26ga_vid%3D1648884933.1687657107%26ga_sid%3D1687657107%26ga_hid%3D238809044%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1022%26ady%3D3151%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31075474%252C44788441%26oid%3D2%26psts%3DABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%252CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ%26pvsid%3D68847006560158%26tmod%3D1886300635%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3Dw5irsUuttH%26p%3Dhttps%253A%2F%2Fall-news.co%26dtd%3D6&adsafe_type=d&adsafe_jsinfo=,id:86c7d1ad-454e-4798-99f5-f99c1d983371,c:gvELWg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-dcnsb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:fc57686b-12f8-11ee-b5ff-36fead3b32a8,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_lJqXZMOlMIi4x_APhs-tyAo&cbFunctionName=goog_wrapCb_lJqXZMOlMIi4x_APhs-tyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

166 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
all-news.co/
Redirect Chain

http://185.218.124.16/?Z289MSZzMT0xNjYxMDAwJnMyPTE5NzUxNjk1NiZzMz1CRQ==
http://all-news.co/
https://all-news.co/

607 KB
607 KB

859ms
792ms

Document
text/html

5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 / PHP/8.0.27
Resource Hash: 961c67b0170887af7d2a8eadc204d51dc9b416437f6098c39dc44afd2fbfbeff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Jun 2023 01:38:25 GMT
Keep-Alive: timeout=5, max=100
Link: <https://all-news.co/index.php?rest_route=/>; rel="https://api.w.org/" <https://all-news.co/index.php?rest_route=/wp/v2/pages/957>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
Transfer-Encoding: chunked
X-Powered-By: PHP/8.0.27

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 25 Jun 2023 01:38:25 GMT
Keep-Alive: timeout=5, max=100
Location: https://all-news.co/
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 137ms
17ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4904-5f8177dd7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18692

GET
H/1.1 200
OK style.min.css
all-news.co/wp-includes/css/dist/block-library/ 95 KB
96 KB 52ms
17ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "17ced-5f8177dd6e752"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 97517

GET
H/1.1 200
OK classic-themes.min.css
all-news.co/wp-includes/css/ 291 B
605 B 52ms
18ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "123-5f8177dd6b872"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 291

GET
H/1.1 200
OK style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
37 KB 54ms
17ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "92ec-5f71c1544542e"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37612

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 01:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 23:41:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 01:38:26 GMT

GET
H/1.1 200
OK style.css
all-news.co/wp-content/themes/Newspaper/ 149 KB
150 KB 54ms
16ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2557c-5f71c14ef049f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 152956

GET
H/1.1 200
OK td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
161 KB 54ms
17ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2828e-5f71c154f25ad"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 164494

GET
H/1.1 200
OK tdb_main.css
all-news.co/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
34 KB 70ms
20ms Stylesheet
text/css 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "882f-5f71c15bec76d"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34863

GET
H/1.1 200
OK jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 88 KB
88 KB 98ms
27ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "15ed7-5f8177dd72da2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 89815

GET
H/1.1 200
OK jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 13 KB
13 KB 120ms
20ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Thu, 30 Mar 2023 05:37:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "3470-5f8177dd71e02"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13424

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92a8b08b7e8a1f2e11a857a885c0751f668a6ebc19dd8253ae623c6f669efa38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48572
x-xss-protection: 0
server: cafe
etag: 8057875867532887153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:26 GMT

GET
H/1.1 200
OK ALLNEWS-logo-final-1.png
all-news.co/wp-content/uploads/2022/12/ 107 KB
108 KB 18ms
17ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2022/12/ALLNEWS-logo-final-1.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 30 Dec 2022 18:13:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1ada4-5f10f8fb79eed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 109988

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 24 KB
8 KB 26ms
7ms Script
application/javascript 52.222.212.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.212.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-212-95.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 0737997ad501f9d2933657f8aaa4aae1986e8b790fb68bfe7a8dd959a9a1bfd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: Public
date: Sun, 25 Jun 2023 00:57:19 GMT
content-encoding: gzip
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 2467
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=86400,s-maxage=86400,no-transform
content-length: 7987
x-amz-cf-id: ieVazboHMRCk7Hs2TEDyfoTZcVJsaYKPNsGPqTh0ku0GemEWVHkhdw==
expires: Mon, 26 Jun 2023 00:57:19 GMT

GET
H/1.1 200
OK mobile-bg.jpg
all-news.co/wp-content/uploads/2023/01/ 43 KB
43 KB 17ms
17ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "abd5-5f1eb56bff015"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43989

GET
H/1.1 200
OK newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 18ms
18ms Font
application/font-woff 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:26 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "82d0-5f71c14ef1057"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33488

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 71578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 05:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 38ms
18ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 184939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 18:07:45 GMT
x-content-type-options: nosniff
age: 113441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 18:07:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 24003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:58:23 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 345 KB
119 KB 62ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31075474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7ebb60587f2291e0d2843a2c5876efa400ce19aa2002b20fd8e3f928650df1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121330
x-xss-protection: 0
server: cafe
etag: 2233889695271800822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame E1CC 10 KB
5 KB 39ms
9ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8439024877331049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 18:57:02 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 18:57:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 46ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8439024877331049&plah=all-news.co&bust=31075474

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

717182e5b93d3a336d737193325720406fbe91278fde46402bd15ab71053de81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 43ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BC2 308 KB
74 KB 171ms
170ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1687657106&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657106858&bpp=9&bdt=334&idt=99&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&nras=1&correlator=641373793157&frm=20&pv=2&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=138

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8e5c25ff155cd8592dc47d5b88f5f8dc94ddfe58d0882350207900e466ccc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75531
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:27 GMT
expires: Sun, 25 Jun 2023 01:38:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 155 KB
52 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/reactive_library_fy2021.js?bust=31075474

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4903599576b192c922bd78c9fd87b1269cf17b32d947c66280be29fdf7894a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53690
x-xss-protection: 0
server: cafe
etag: 10653352101353472954
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame 1AC5 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 18:57:04 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 18:57:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame F648 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 18:57:04 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 18:57:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1AC5 4 KB
767 B 25ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 01:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1AC5 205 B
318 B 100ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:33:47 GMT
x-content-type-options: nosniff
age: 101080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jun 2024 21:33:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1AC5 604 B
919 B 100ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 11:53:21 GMT
x-content-type-options: nosniff
age: 49506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Jun 2024 11:53:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 1AC5 23 KB
10 KB 93ms
2ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:50:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:50:00 GMT

GET
H2 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame F648 8 KB
4 KB 90ms
0ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 22:34:03 GMT

GET
H2 200 3070dffd32135a56ab2ef35705c6f461.js Show response
www.gstatic.com/mysidia/ Frame F648 9 KB
4 KB 97ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3070dffd32135a56ab2ef35705c6f461.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7a4563a945f57c05734db4835005e87401c8fa28f353aa731e96fe6a97db00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 21:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4034
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 21:22:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F648 14 KB
1 KB 22ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 01:11:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame F648 2 KB
973 B 94ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:22:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame F648 22 KB
9 KB 95ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 18:49:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame F648 3 KB
1 KB 97ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame F648 19 KB
8 KB 90ms
2ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F648 179 KB
56 KB 108ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame F648 33 KB
14 KB 90ms
3ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H/1.1 200
200 q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 1859 15 KB
4 KB 332ms
108ms Document
text/html 52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: ff34e1a6f4a8d6782d0535c0023ed3b0153d6ac20ea38f6298e3db9755b483aa

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 3422
Content-Type: text/html;charset=UTF-8
Date: Sun, 25 Jun 2023 01:38:27 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "

GET
H/1.1 200
OK elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 31ms
21ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "10fc-5f71c154f3165"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4348

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb64d7839b696ba84dfbd8f75092021bb719a1e4ef68da07db7f4bf4f431ee11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48593
x-xss-protection: 0
server: cafe
etag: 15287225969968659551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CBD3 14 KB
1 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 01:07:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CBD3 2 KB
926 B 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:22:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame CBD3 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 18:49:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1A6 143 B
166 B 14ms
12ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CBD3 3 KB
1 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CBD3 19 KB
8 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBD3 179 KB
56 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame CBD3 33 KB
14 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B57D 110 KB
38 KB 614ms
613ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1687657107&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657107510&bpp=15&bdt=986&idt=15&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ETRApd7VSR&p=https%3A//all-news.co&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd754ccda7a50b5c0c1e77f0a1c692408d6f59897b8e58101e2b0ac4d61c3892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38640
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
expires: Sun, 25 Jun 2023 01:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK underscore.min.js Show response
all-news.co/wp-includes/js/ 18 KB
19 KB 18ms
17ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4991-5e9aa27ccd240"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18833

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
6 KB 20ms
19ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "14e2-5f71c15becb55"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5346

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
301 KB 21ms
20ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "4b207-5f71c154f160d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 307719

GET
H/1.1 200
OK comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
3 KB 19ms
18ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=6.2.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "ba5-5dc2a2438e980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2981

GET
H/1.1 200
OK js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
185 KB 19ms
18ms Script
application/javascript 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Fri, 17 Mar 2023 17:41:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "2e345-5f71c15becf3d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 189253

GET
H/1.1 200
OK footer_bg.jpg
all-news.co/wp-content/uploads/2023/01/ 105 KB
105 KB 17ms
17ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
Last-Modified: Tue, 10 Jan 2023 16:25:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1a481-5f1eb56835892"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 107649

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300&display=swap&ver=12.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://all-news.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:28:20 GMT
x-content-type-options: nosniff
age: 202207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 17:28:20 GMT

GET
H3 200 8557689888840265056
tpc.googlesyndication.com/simgad/ Frame F648 10 KB
10 KB 16ms
16ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8557689888840265056?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce785898e1e223cefbf23ad4a6ac018b9b321f6853933a2c77a4e02fb7be79dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 22:12:47 GMT
x-content-type-options: nosniff
age: 12340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 13:11:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 22:12:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F648 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLo8uk5qXZOVrucnv9Q_WsZWgDvifhqpk9KbvossRpvGG46ACEAEgzNPsggFglYKAgJgHoAHIwo2vAcgBAakCNsTwkR9Hsj6oAwHIA8sEqgTfAU_QXuyjUmzvwxDCVPCXlmdlJGaeXPDPk8gMNjIyPF18KLncX5_jmrFg0qjpcRRpsNVWF83pelRNlkFIepYdamcswxHqJESMfIMstLf8GG9ikQDyZdkPEozAf9XHpIMkWie4xaskAg2wvP1L1rvyjLrZygQO-MbhMTK1UOWY0qdzDKsyc-W7zDuJZOYMnHx7q3sFdccasRvB-Yc9MOdzqGZ-mBlRbuJ_9JgZlDoKpDyX-nWjmOele5h0YaauI5xcBMNaPMErGJVyjvjkPgoUGDD8ckqi7zcLon3g4AT6GEvABJ_X37vSA5IFBAgEGAGSBQQIBRgEgAegvfLQAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJGKKdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItODQzOTAyNDg3NzMzMTA0ORgA&sigh=syMtlovKM5I&uach_m=[UACH]&cid=CAQSGwBygQiD1ih9BJ7b_rPULFz6yVwIlnfk3jtBbBgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Jun 2023 01:38:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 01:38:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A618 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 1859 1 KB
2 KB 109ms
14ms Image
image/png 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 02:37:40 GMT
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:39:28 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 514847
etag: "593-5fd19f2897c1f"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1427
x-amz-cf-id: zH03WXRD3JOwBJTbdrNq4WG4Tq528BU9SvM2wWGoGomlHNMk5M7ifg==
expires: Mon, 26 Jun 2023 02:37:40 GMT

GET
H2 200 41-rSOtoD6L._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 1859 3 KB
3 KB 34ms
10ms Image
image/jpeg 2a04:4e42:200::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/41-rSOtoD6L._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 728adcdb5284e2608b055196b04f19eca24089de97faa8374d9bb69204845bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 03 Jun 2043 13:13:52 GMT
date: Sun, 25 Jun 2023 01:38:27 GMT
last-modified: Tue, 15 Nov 2022 01:42:51 GMT
age: 1427076
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: max-age=630720000,public
x-amz-ir-id: 5778e205-5c98-4efd-8d15-4b5d07fbb43a
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3144
x-served-by: cache-iad-kiad7000082-IAD, cache-fra-eddf8230114-FRA

GET
H2 200 prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 1859 3 KB
4 KB 55ms
14ms Image
image/png 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:30:56 GMT
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 16:49:16 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 2502451
etag: "d1d-5f9c7522fbb5c"
x-cache: Hit from cloudfront
content-type: image/png
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3357
x-amz-cf-id: tT8AVHinEmksUdZUh6eDEbtN-liT_OcbhMr0v5gZCu7tFrCPNmnZVw==
expires: Sat, 03 Jun 2023 02:30:56 GMT

GET
DATA 200
OK truncated
/ Frame F648 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51caacc2cf71b67ee9659442c7195c9ddcd40b046eeb873ba466e6a17ab95cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
17ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:27 GMT
expires: Sun, 25 Jun 2023 01:38:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 1859 43 B
200 B 319ms
100ms Image
image/gif 52.94.233.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1687657107920&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22health0b30-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fall-news.co%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.94.233.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:27 GMT
x-amzn-RequestId: 03ed658a-da00-40a0-b9c0-df04dadd8cd8
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 1859 341 B
713 B 19ms
14ms Image
image/gif 18.173.190.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=health0b30-20&language=en_US&marketplace=amazon&region=US&placement=B09WJ81YMW&asins=B09WJ81YMW&linkId=a0e15d6a31b1d719c6e31e8467e54c26&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.190.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-190-175.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 01:29:32 GMT
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 23:28:11 GMT
server: Server
x-amz-cf-pop: MUC50-P4
age: 259735
etag: "155-5fd19ca299202"
x-cache: Hit from cloudfront
content-type: image/gif
charset: UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 341
x-amz-cf-id: wTghEPDkRvry594k1ATqfgs3P1Vrq_Wazbht0CRDnt0pGIDQ9de_HQ==
expires: Thu, 29 Jun 2023 01:29:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A618
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
expires: Sun, 25 Jun 2023 01:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame CC86 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 17:03:11 GMT

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 68C0 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 17:03:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B57D 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1687657107&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657107510&bpp=15&bdt=986&idt=15&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ETRApd7VSR&p=https%3A//all-news.co&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 00:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jun 2023 01:38:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B57D 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:22:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame B57D 22 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B57D 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B57D 19 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B57D 179 KB
56 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:28 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame B57D 33 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B57D 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3PUak5qXZPvuIcDG7_UPquGCoA_HvcbocICErfaKEeayq46MDhABIMzT7IIBYOECoAHv_O65KcgBCagDAcgDywSqBN8BT9C_VC0lZsgx6DwHGwpAWG5oCc33Ck_gu9Q0wTBJInb1mqyBthj-nobKokPNBMB6r5GSgDGLIeh9_xxd4yRArSALQt0m04gM1dN7Fyl8z8a91JJ4gQdIjcq21aDeTe8iiQi7t9_Wn30zV2zUKHR7gxayhWpTU42XW2_ZohXcEOhd8e6VB0eknmyS1Rwl6wYGTnWkIundqcTJwjR8noyiuKJR3YeOcUzqp8_kYFEktCE_lwibElUH6h5nahChveM_KiYfR4SLqvEUmdQAZIHymsSRTVEfazP46SmvDxDgXcAEjIbSmKYEiAWyqYCUSpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfvtL-ZBKgHkKyxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM76AtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5GAA&sigh=Iit_BiI6Kfw&uach_m=[UACH]&cid=CAQSOwBygQiDxSSLingMXcz2XkaU7VsMh64nYgbTN_9StumzxkocZ4dSVWM7qlUklLqiVqzSlFuq_52SduD0GAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&slotname=2116234747&adk=3043416324&adf=3478627987&pi=t.ma~as.2116234747&w=1068&fwrn=4&fwrnh=100&lmt=1687657107&rafmt=1&format=1068x280&url=https%3A%2F%2Fall-news.co%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657107510&bpp=15&bdt=986&idt=15&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&pvsid=68847006560158&tmod=1749850583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ETRApd7VSR&p=https%3A//all-news.co&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Jun 2023 01:38:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11464101489019070296/ Frame B57D 33 KB
33 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11464101489019070296/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0a2afaef2da38d77b9aa0e808f5b8e76b315e54ca06d340bada63422e3c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:26:21 GMT
x-content-type-options: nosniff
age: 15127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33294
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 14:55:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 21:26:21 GMT

GET
DATA 200
OK truncated
/ Frame B57D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B57D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A859 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sun, 25 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B57D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 811fd355e10a746397b20774a021639057906deae91cea7e48a3ae68331ca961

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B57D 33 KB
33 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:33:48 GMT
x-content-type-options: nosniff
age: 101080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 21:33:48 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A859 35 B
464 B 114ms
21ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJI0VEEhMe6C79mbLJ4Yyb4&google_cver=1&google_push=ATf1kGOefU2GnbRKBTmdWm70EiJWIf86tbife__5TsHJY-pHt4vwSFrC5EdmAvPU3CMC-pofHdpr4EczoKrVIp_N0VBFkhF31TVgOQ0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A859
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YlVVdGhBWUgxUWRlSFc1&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZw...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YlVVdGhBWUgxUWRlSFc1&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZwlQu9-cIK2FetYE-GvJrqIAHhaOiLAVDO1u-OC-d4AsVepf3WIBTY1qdk

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YlVVdGhBWUgxUWRlSFc1&google_gid=CAESEEApxJibMW4prrDqTsAReiQ&google_cver=1&google_push=ATf1kGNNOjF4CZ95BikubbggXYDygqA0KMOH1EyMCriAVZwlQu9-cIK2FetYE-GvJrqIAHhaOiLAVDO1u-OC-d4AsVepf3WIBTY1qdk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A859
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEzhuYdIStvFu-bPs-UZ7kU&google_cver=1&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYkdJVtcJXtab9XA5nA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFF830C7F6BE4D97B8F1666B7D7ACA77&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYk...

170 B
232 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFF830C7F6BE4D97B8F1666B7D7ACA77&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYkdJVtcJXtab9XA5nA

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 01:38:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AFF830C7F6BE4D97B8F1666B7D7ACA77&google_push=ATf1kGPuYi5ydHUwuws26rGYn5c3za87eqGGvaMc1gpLUnaqnt-_Oddt0V1seQjT3ewpudBiLqe0khB7bl-EwYkdJVtcJXtab9XA5nA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 24 Jun 2023 01:38:28 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A859
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOFjU47l5fE9oetpXS15zzM&google_cver=1&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq6...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq66OynHPJ_QcKZki1ut0uo&google_hm=lwesacUjRd2rtXX8z...

170 B
243 B

20ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq66OynHPJ_QcKZki1ut0uo&google_hm=lwesacUjRd2rtXX8zPhlTAU

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMHCnfrk9ZtYGCAqdGMbwynl4pbTBoV_gSsP0_MciFOK-Fj3fjx3wDQEg8QFLPiAOha0Sok_8V9Xq66OynHPJ_QcKZki1ut0uo&google_hm=lwesacUjRd2rtXX8zPhlTAU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A859
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMHjF-sBsdl5assgwmkfsGA&google_cver=1&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhG...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMHjF-sBsdl5assgwmkfsGA&google_cver=1&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFL...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g&google_hm=A0rJYffoSrGrrbRQ7I3Dhg==

170 B
188 B

23ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g&google_hm=A0rJYffoSrGrrbRQ7I3Dhg==

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g&google_hm=A0rJYffoSrGrrbRQ7I3Dhg==
date: Sun, 25 Jun 2023 01:38:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A859
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBNWHjeyBSv5d8gM97CJ-jk&google_cver=1&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCuvstzuBIs&google_hm=eS1sR2pTUW5oRTJwRXE...

170 B
232 B

20ms
19ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCuvstzuBIs&google_hm=eS1sR2pTUW5oRTJwRXExTUVVT2hiMHBoaGhZeGNBSjBNcn5B

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 25 Jun 2023 01:38:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPTQYSdLBkoY8mKsy5pTymoc7p9xEyurUCI0dainhc8JHXMg9DSPfc4uF8gxPFgqh0omBBFQ0qsjmxJ1lMv3Mn4GCuvstzuBIs&google_hm=eS1sR2pTUW5oRTJwRXExTUVVT2hiMHBoaGhZeGNBSjBNcn5B
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame A859
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECLp2e8tXDFIqsF9SmoZHG8&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPcN-c5IdfhVNp0mPCoyvRbZ35hfvViJFOzag5VyX7Y1gnVhFssTzG9TwD4DU9pAi0Hvv-zJ6rAa25zH1VvdeIMOYsZjozekVDP
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
35ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sun, 25 Jun 2023 01:38:28 GMT
pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A859 0
139 B 42ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOZaDnGdgBX9sq5vPXyEv1pDStBoWp5iq_WHiuzZxK2zvL87chclZl2Wc2eOzp0nWVPt0-xg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 22ms
22ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4cca7f62e13a09b1df5e7972adf813d6fd10fb7b1bd1430afd29f1829fd26a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11239
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAB3 22 KB
10 KB 306ms
306ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e06cf17b7cb22eb519b2b934056af3868761abcd6f023f578b00f6b22e79389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 10420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 4829-kevin-durant-invades-twitter-chat-rips-fans-discussing-his-ranking-how-yall-consume-the-game-is-trash.jpg
all-news.co/wp-content/uploads/2023/06/ 72 KB
73 KB 29ms
29ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4829-kevin-durant-invades-twitter-chat-rips-fans-discussing-his-ranking-how-yall-consume-the-game-is-trash.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a4f9d1585ffe85d58e4d32708078cc47cb1b00ad3bf5f224596779f87a4ec26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "121c5-5fee8ae2a77b8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 74181

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 465B 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 17:03:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Jun 2023 01:38:28 GMT

GET
H/1.1 200
OK 4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
all-news.co/wp-content/uploads/2023/06/ 111 KB
111 KB 23ms
22ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 05ababce40e3e620b932d6b92130b84286959881fe13ff67aa4c3394842290b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1bc9f-5fee8ae3024d3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 113823

GET
H/1.1 200
OK 4827-marketwatch-why-victor-wembanyama-could-be-worth-over-80-million-a-year-to-the-spurs.jpg
all-news.co/wp-content/uploads/2023/06/ 100 KB
101 KB 21ms
18ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4827-marketwatch-why-victor-wembanyama-could-be-worth-over-80-million-a-year-to-the-spurs.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 21ed3e1728339b65bcaf90cf6752f4039462e39fcce105d3ab65abf46cce7ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 15:43:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "19117-5fee1f9daf885"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 102679

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D3E 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 15:17:43 GMT
expires: Sun, 23 Jun 2024 15:17:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7AAC 783 B
534 B 27ms
26ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb9c5ace5ae2745c046e6d33482d3a3bc26c111ef03b88248695b34133cdf581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nPKaNmBuQsS957nx8aIL8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://all-news.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nPKaNmBuQsS957nx8aIL8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
expires: Sun, 25 Jun 2023 01:38:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4829-kevin-durant-invades-twitter-chat-rips-fans-discussing-his-ranking-how-yall-consume-the-game-is-trash.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a4f9d1585ffe85d58e4d32708078cc47cb1b00ad3bf5f224596779f87a4ec26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "121c5-5fee8ae2a77b8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 74181

GET
H/1.1 200
OK 4755-harness-unveils-aida-a-generative-ai-assistant-for-software-development-lifecycle.png
all-news.co/wp-content/uploads/2023/06/ 649 KB
649 KB 41ms
27ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4755-harness-unveils-aida-a-generative-ai-assistant-for-software-development-lifecycle.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 6ca208d9c538a259e3762e4a7db2d4fbf5fe3fab0a67019f3cbbb318089c8427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 10:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "a2356-5fedde9ba8802"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 664406

GET
H/1.1 200
OK 4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
all-news.co/wp-content/uploads/2023/06/ 111 KB
111 KB 32ms
27ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 05ababce40e3e620b932d6b92130b84286959881fe13ff67aa4c3394842290b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1bc9f-5fee8ae3024d3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 113823

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7AAC 0
0 50ms
49ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=68847006560158&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D3E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 17:03:11 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4827-marketwatch-why-victor-wembanyama-could-be-worth-over-80-million-a-year-to-the-spurs.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 21ed3e1728339b65bcaf90cf6752f4039462e39fcce105d3ab65abf46cce7ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 15:43:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "19117-5fee1f9daf885"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 102679

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAB3 42 B
65 B 45ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DsCKbwOHgiIEAPbNzwnqIjGu70Zx9AP6Sym3Ns7mteLNauF_ftvltnocbmx_BtgVEk-UXsTZu-CxLnSr3c-bwJbSszAaCYcGu9hGaZX9l7A0IlW6M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAB3 0
22 B 46ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14153551982499634454&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EAB3 78 KB
27 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EAB3 3 KB
1 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:48:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EAB3 19 KB
8 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAB3 0
0 23ms
18ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdoSnPHLeTir9vmBs7qrfqXHk6PyTbc8PDkgM53o7nHkKwoHddmROu2MR6MjMeWr42lBKWyfEirpPHn8edlcVtg4XjkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAB3 179 KB
56 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:28 GMT

GET
H/1.1 200
OK 4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
all-news.co/wp-content/uploads/2023/06/ 1 MB
1 MB 20ms
19ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f2820d4c9969bddb795081b167ff9aa3674d4881100119d6b540506258d68a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 10:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "12b97a-5fedde9c13304"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1227130

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7EAA 624 B
243 B 28ms
23ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUfzVSpGrjFFw7Q_tW6X9Z7WBjHp9x3LrB6Y8GMha3DwW77VRtoHnoHXICumevxMr43DK3q4aymUwg1vbJiJ-LBIZ13NaRSIBuecid7oDfl0JNuGqbt07iTFMbriOqfirGALuoSv3D4rHcvbqz4bCWdpmyAIPAfcH3OqE3XO1dJBxevXT0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Jun 2023 01:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4829-kevin-durant-invades-twitter-chat-rips-fans-discussing-his-ranking-how-yall-consume-the-game-is-trash.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a4f9d1585ffe85d58e4d32708078cc47cb1b00ad3bf5f224596779f87a4ec26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "121c5-5fee8ae2a77b8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 74181

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4755-harness-unveils-aida-a-generative-ai-assistant-for-software-development-lifecycle.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 6ca208d9c538a259e3762e4a7db2d4fbf5fe3fab0a67019f3cbbb318089c8427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 10:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "a2356-5fedde9ba8802"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 664406

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7EAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1&C=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUfzVSpGrjFFw7Q_tW6X9Z7WBjHp9x3LrB6Y8GMha3DwW77VRtoHnoHXICumevxMr43DK3q4aymUwg1vbJiJ-LBIZ13NaRSIBuecid7oDfl0JNuGqbt07iTFMbriOqfirGALuoSv3D4rHcvbqz4bCWdpmyAIPAfcH3OqE3XO1dJBxevXT0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7EAA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJealM5VdyAQejiOLRx-wQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUfzVSpGrjFFw7Q_tW6X9Z7WBjHp9x3LrB6Y8GMha3DwW77VRtoHnoHXICumevxMr43DK3q4aymUwg1vbJiJ-LBIZ13NaRSIBuecid7oDfl0JNuGqbt07iTFMbriOqfirGALuoSv3D4rHcvbqz4bCWdpmyAIPAfcH3OqE3XO1dJBxevXT0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN_DbMgNEZIND9imhb3ttmk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7EAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHloBkPe5_n0UEn3vaSWzww&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHloBkPe5_n0UEn3vaSWzww%26google_cver%3D1

43 B
1 KB

9ms
9ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHloBkPe5_n0UEn3vaSWzww%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNUfzVSpGrjFFw7Q_tW6X9Z7WBjHp9x3LrB6Y8GMha3DwW77VRtoHnoHXICumevxMr43DK3q4aymUwg1vbJiJ-LBIZ13NaRSIBuecid7oDfl0JNuGqbt07iTFMbriOqfirGALuoSv3D4rHcvbqz4bCWdpmyAIPAfcH3OqE3XO1dJBxevXT0

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
AN-X-Request-Uuid: 6e6e46d1-c666-490a-a7e9-b64c4bf869ef
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.57.5; 37.58.57.5; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Jun 2023 01:38:28 GMT
AN-X-Request-Uuid: 203b9847-fc25-4bab-bfef-8aae75538e1b
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHloBkPe5_n0UEn3vaSWzww%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.5; 37.58.57.5; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7EAA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2ODgwMjc1NzMxNDYwMDQ5Nw%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2ODgwMjc1NzMxNDYwMDQ5Nw%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.5; 37.58.57.5; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9b352eff-b8b2-4132-ba9c-1d06bd6b1b4c
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg2ODgwMjc1NzMxNDYwMDQ5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAB3 0
22 B 41ms
40ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2775880104793&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAB3 0
22 B 44ms
43ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2775880104793&version=m202301230201&ct=76&x=1&cor=14153551982499635000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EAB3 101 KB
38 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAQYXdrB5g227JWABbiPHQritUM7W_cO6_Fjw-Q8Br_UOZ-KG3BBE_DLdqq7VDGz0foMjRb4SrDSIT2mfOY2Vvq33NA1zTLwZpDzXUTAnvcC1HSBMSGqIAQZxAGYUlaVrfrhFBnDnhtXnMfSIBlYzhX7_RkhNiF7-RFR_3uq5ndgme05g&dbm_d=AKAmf-BbFCZSq9Tibwp1UgujClMlt_8VLOZdig7k73Oia8W0BKcGAwNyWCnKg9qWqJeelMytLw1HtTctffuWgYqEwSojoeXJEIzqY8EtU3zs6R1dKbofhkNkqk5p3pVqmuDH_boTwOfyTQYd2HEE4lwt9uZRqhpgVojPC4C7wHL-Vx6ZZBJhQbCjTOmDVxBaiFS4lcxeScQbK57H1oNh1QslpOhIygFFijwRA7elEmFz2GAgc9-QJi2s6njh1e_wUXtFsrPNiZLguqISx1i2iioY6lzLUr6urbGxKv6aw9HmEe4kNdAnfUMY3MdGkl6exH_IZDX9QmnYqAdNJWpqu2_cIWvAkHdT1wQkipiCRqnyQ25-BAxbgigjm1JQhHQ_FqVKtTWjes3zrih7XYue1Y_Bki6cDEh5Wr6jewUbWHMtoiMRdP7Aof9RLS-_K1VqXWm_GbxgMrXn7dT7K_mwN-sDudd_9y3ledCEYEfmeFK8J2eKSaz0_Bz9wEeLxGqLHDDYF6ap15kjc-CgSz37L2PrHAIz2dy7cd4974DfSTVmjmvKR_kuPvIIyIGnZhr5rzGKAsGbGCf4RFPWYcr5i52WE4iY5qpUaV9F-uxMz1OYBRv6dGvUhw0znC3_RjtdnEysSsjVS0H21ixl9uWm3LWUTxWDbDxwSM97K5LwxJ7v1PQ8EITcUUhxNubQfzMqfksd6iVVH8FUmTG0CYRs1HnKr5VAyd3OQE8-1zGp9_4RT_2VXQA51GybZrCp1JQR8v9G9ZCSS4X_RHyokuCUZJ6gHO_f-kYkvcHg6uJcJZPHS53iq3MCcDB7rRISQHOGNUB2OOhLttJVf6AXfNhJ3PievRSKLomJMd4_94wX0F26Ee9wjvDuAtiZ_aZ2XRCZSdMrE33EZQVOHA-11dlJhYBFgnUnpKueCmDAZJLw59yBnPK0nDggKbPp-UWurp7w69uqw7Asx_FHsYXfBhxhDcBRbs7ujIBez8hWSHTJzE1cXMcRsQidVt3uEYi2_H4ehgbpsWfkQmVogFDZ5PlAmJuI1Nk2q1RniIEHYDRaK9FFSq1ZSNnx7aKpgqp_sn-0yN9GTAB4Ws2bWM7XVMndBo3hHfNLPMnQG1FqVfHM6aqlUosJX2UI_iBoJOFegHUotEJX4uBu64qvV3FWb2d1EUQk46lEcIcSfpuCRAOGYcjr3RpxWk6w5LuqTLH7F-Nu_RHQ2IfFOtzUTO2KNcENiF405N-TRCz2jGJfhPNIhJ0cqiqRhMGH9lk-MSagnJvdMFiEq0l9wf1YMu_szKeDszOC6iKnLp6GF2-YEjwvDjZUi7L30u8STUylW8eik4pobsJJEejk931ezljA69GdUmcb_sOnIycRjM30W-ESRUJLbqNbhzxBRuC7cXzRhBVxcLD-YIqBqi5TfraqajNWMsfqcgIlinsdbSTDEGpVlWGcCcU99vRXw0XRuz3ttv8zqLoOnZZMv0X1YBequbtRSmLrjYbdCGzTLtYMHDfPNO6Bxn4EnRttSkARO6wQSMGtWunGY3QJknZ5GVB52pr_LLWPvpgh-rgleFFbWFkw0aKZBTnEOTHD_kmiSADwrzWylhexMKoPOlGagTOrQ3eL4Bbx1ii7RYPv5c8wDdFkBLwCi4CiMoaB7xiklI5PoHIUeDa0JUfEFqJPWzSImPBWLmJdd_7hdJSVF0ZaJzMB6Dr_4ki6TbDBJIwDMjsR3tSrDR-3isR6_rZvi4Rq5ttZi2-7f9aZrSpjU3YrLSJWVt54S-NJboUMM3ZTRe6US2raDuXzzrF7eFujNzNnVLlufOY6tohykDRgEqN3rTea7r0JQVWrrAMaOSgjnzcVVlwWlGdqGvbrFCne1clnGn73Bj1AS7r0793ZZ_w3l52AbKnwiYWI__N5WfP3a74X7u85E8Vr5CecsbMGu_Jt3n0zx7Hpqverw7XbYogIXRh9llocGTq_CBph-iyUj6XwwHUQA8mHfwo83MRXwNwVvNO77pyUlCmQlHsxRxCWSz3yqLUaACMsKj1GVDTzi07dSRgOSt4-Ll2xQizb5FbxqOk4JpSe_Fgv87ylK3KXRuX--pXqC5w2R-X5kOxoItgM1xgQ0GFPfnE6qDu_kIQwNknLwW6mrddEYuIbT4lMiBJ4yPH70TM6dP0xmXM29pFsPw4rE5VOt6755KfxCjmyVVk2-8LwW3H1dPBXFe99Zr0tkRR16LYB8vl3f1c0SRpcipHv4L1JHUVLTh-L4lOGEEYwOghZYcQfuhmeSLUOTgmXnW7s6sj3opRv7yOC9FuRdNfMLAjB38Kw33mZCLQD1itryMJ75A2320l_srm0gbphFLKlYd3UHFOkH_5waLK_11z82NU1CdMHA6rulwLeGDC-i_u3poscalYr8Ag4yTe4qTpOlu3qvDn_GgbFXhVATkpGmLelF1vP_8cBFrjIZExkO2w0YHtw2g2x9YPN8A5-U0HgsyMaXFLMhPeRL_d87N-H5VF4foMjoHRERu8dC3Xocaz3cvSsK7bDmUvXl2H65cIF7MbJhg5HUlRco6Mqt0MTX_-tAvlqW_xf3TQOztm5hybexMrSAhDn0bPLsomFlGV4vvyheTOB8Igtk6novQBEKop99UsTIaLdrVYvbOrEQYbLuXVedbJMRvIoWUXnioEn5dAPvKfvKqRJC8dlqK27FOjAgoR8R1t2Gn5dn0xVw25onUuBdzRL0bnRDWFjoZuIhJsrlWnKCEiqcAJkE3iUdZxFm0Bq_ADk7V4kYEeelIVWq_WQsyBT-5ybVpAVhxd1nMY8KiSfY23BbHkEILjAUuJ-XfmFuBarQZAJwITPPcyXXhib6MdzyP91DUkylI9QhCBj9OEQiKeSlKh2p5GuESvFnGHN9O55Q6cMaaDny9VtJI2-0vkeDt2bMGypluvWYUEv33txR_uxwuCMVURrAyC397LXQfEJPefYPOukuuyUrUg19WpwWgm1W6mUPPDnraVsKi57tjD9lK43nPxYYjcBueyttCqRnhvO0mCOBlADK85kfM54yUKrqHg9ziwD-Xz0ub-tIbnJdGdlfFNsWvNQb-TTByI6yao1GyzLSkehkR2LuBUSs7fvlvgi2jesIxZWvu6MOKsWBqE-mGGaAbI1vcRaZkbfEpuAOxFC4K7GKF0agfgBeC3j9nd76igXY9LsevVWrE_pQp502QKXkF1-XTuTCZhYpa_qxL1Etcr9EQIHV99F21ZH2rQmT1iR0XvCy8R4h3na3zsZ5NSmxvdw9Hu3fvZLdTNpTKcbZFe9Tus93mUEwJ2ULfVdb1Qx2WDZ6GpkjiHIM40XvAOZyyVD2YVwNE7CBUVHIBhgqnoiMqOGFE3aSlRelHz-nGrc7a12l3608Ez0yRw3lbv4oHSeG5HP5RGjNHS3UVcRA5H83apzxF1dhhJ-LiNq26jMIMyofT1WrYI3zdmajv-v8HORwgJqLblToedrk6MIzWmCIRBLxqVmj59_PAaRhIsT3k3rkxXDqHX2k5wpTSIEO3zmpcmHvjQ_sD10Y-Diusru03w0zKaQG_OUpKvj5G-Sxmyg6hMqfzrUq3tS5fYLjDXbX03EDa_CrCt2rHCd3k_jfKrBLtQxSjwjwPNb6WszKaibSHkdFxR5W_2XEA2a7PvtGWW2V2ENAgKW7Xs_IUvw8zkfvy5GeA&cid=CAQSOwBygQiDGGdxPOwBpk78bpLLmdnCEwf14LcxmNUHb-5OhnJNeClqgK3GlBt_5AZcfLIvJHEuU235LERVGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fall-news.co%2F&ds=l&xdt=1&iif=1&cor=14153551982499635000&adk=3047537735&idt=37&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24725c812167c883f6d83d92571f9e2bb339f748e19df42b5e7d90d72d225220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D3E 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y2095Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
all-news.co/wp-content/uploads/2023/06/ 111 KB
111 KB 21ms
20ms Image
image/jpeg 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4831-new-york-city-spent-50k-to-send-migrants-to-florida-texas-china-report.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: 05ababce40e3e620b932d6b92130b84286959881fe13ff67aa4c3394842290b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "1bc9f-5fee8ae3024d3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 113823

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame EAB3 245 KB
74 KB 153ms
37ms Script
application/javascript 54.170.136.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8439024877331049&ias_chanId=1&ias_placementId=19429846202&bidurl=https://all-news.co/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iBFzz6dKzgyjk-lMcUozcG
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.136.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-136-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a27d1c4d5686b6084a72f7488a16856e4c8883a9dddf76e96216ed73ff10712e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EAB3 111 KB
39 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 10:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 10:17:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame EAB3 11 KB
4 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAQYXdrB5g227JWABbiPHQritUM7W_cO6_Fjw-Q8Br_UOZ-KG3BBE_DLdqq7VDGz0foMjRb4SrDSIT2mfOY2Vvq33NA1zTLwZpDzXUTAnvcC1HSBMSGqIAQZxAGYUlaVrfrhFBnDnhtXnMfSIBlYzhX7_RkhNiF7-RFR_3uq5ndgme05g&dbm_d=AKAmf-BbFCZSq9Tibwp1UgujClMlt_8VLOZdig7k73Oia8W0BKcGAwNyWCnKg9qWqJeelMytLw1HtTctffuWgYqEwSojoeXJEIzqY8EtU3zs6R1dKbofhkNkqk5p3pVqmuDH_boTwOfyTQYd2HEE4lwt9uZRqhpgVojPC4C7wHL-Vx6ZZBJhQbCjTOmDVxBaiFS4lcxeScQbK57H1oNh1QslpOhIygFFijwRA7elEmFz2GAgc9-QJi2s6njh1e_wUXtFsrPNiZLguqISx1i2iioY6lzLUr6urbGxKv6aw9HmEe4kNdAnfUMY3MdGkl6exH_IZDX9QmnYqAdNJWpqu2_cIWvAkHdT1wQkipiCRqnyQ25-BAxbgigjm1JQhHQ_FqVKtTWjes3zrih7XYue1Y_Bki6cDEh5Wr6jewUbWHMtoiMRdP7Aof9RLS-_K1VqXWm_GbxgMrXn7dT7K_mwN-sDudd_9y3ledCEYEfmeFK8J2eKSaz0_Bz9wEeLxGqLHDDYF6ap15kjc-CgSz37L2PrHAIz2dy7cd4974DfSTVmjmvKR_kuPvIIyIGnZhr5rzGKAsGbGCf4RFPWYcr5i52WE4iY5qpUaV9F-uxMz1OYBRv6dGvUhw0znC3_RjtdnEysSsjVS0H21ixl9uWm3LWUTxWDbDxwSM97K5LwxJ7v1PQ8EITcUUhxNubQfzMqfksd6iVVH8FUmTG0CYRs1HnKr5VAyd3OQE8-1zGp9_4RT_2VXQA51GybZrCp1JQR8v9G9ZCSS4X_RHyokuCUZJ6gHO_f-kYkvcHg6uJcJZPHS53iq3MCcDB7rRISQHOGNUB2OOhLttJVf6AXfNhJ3PievRSKLomJMd4_94wX0F26Ee9wjvDuAtiZ_aZ2XRCZSdMrE33EZQVOHA-11dlJhYBFgnUnpKueCmDAZJLw59yBnPK0nDggKbPp-UWurp7w69uqw7Asx_FHsYXfBhxhDcBRbs7ujIBez8hWSHTJzE1cXMcRsQidVt3uEYi2_H4ehgbpsWfkQmVogFDZ5PlAmJuI1Nk2q1RniIEHYDRaK9FFSq1ZSNnx7aKpgqp_sn-0yN9GTAB4Ws2bWM7XVMndBo3hHfNLPMnQG1FqVfHM6aqlUosJX2UI_iBoJOFegHUotEJX4uBu64qvV3FWb2d1EUQk46lEcIcSfpuCRAOGYcjr3RpxWk6w5LuqTLH7F-Nu_RHQ2IfFOtzUTO2KNcENiF405N-TRCz2jGJfhPNIhJ0cqiqRhMGH9lk-MSagnJvdMFiEq0l9wf1YMu_szKeDszOC6iKnLp6GF2-YEjwvDjZUi7L30u8STUylW8eik4pobsJJEejk931ezljA69GdUmcb_sOnIycRjM30W-ESRUJLbqNbhzxBRuC7cXzRhBVxcLD-YIqBqi5TfraqajNWMsfqcgIlinsdbSTDEGpVlWGcCcU99vRXw0XRuz3ttv8zqLoOnZZMv0X1YBequbtRSmLrjYbdCGzTLtYMHDfPNO6Bxn4EnRttSkARO6wQSMGtWunGY3QJknZ5GVB52pr_LLWPvpgh-rgleFFbWFkw0aKZBTnEOTHD_kmiSADwrzWylhexMKoPOlGagTOrQ3eL4Bbx1ii7RYPv5c8wDdFkBLwCi4CiMoaB7xiklI5PoHIUeDa0JUfEFqJPWzSImPBWLmJdd_7hdJSVF0ZaJzMB6Dr_4ki6TbDBJIwDMjsR3tSrDR-3isR6_rZvi4Rq5ttZi2-7f9aZrSpjU3YrLSJWVt54S-NJboUMM3ZTRe6US2raDuXzzrF7eFujNzNnVLlufOY6tohykDRgEqN3rTea7r0JQVWrrAMaOSgjnzcVVlwWlGdqGvbrFCne1clnGn73Bj1AS7r0793ZZ_w3l52AbKnwiYWI__N5WfP3a74X7u85E8Vr5CecsbMGu_Jt3n0zx7Hpqverw7XbYogIXRh9llocGTq_CBph-iyUj6XwwHUQA8mHfwo83MRXwNwVvNO77pyUlCmQlHsxRxCWSz3yqLUaACMsKj1GVDTzi07dSRgOSt4-Ll2xQizb5FbxqOk4JpSe_Fgv87ylK3KXRuX--pXqC5w2R-X5kOxoItgM1xgQ0GFPfnE6qDu_kIQwNknLwW6mrddEYuIbT4lMiBJ4yPH70TM6dP0xmXM29pFsPw4rE5VOt6755KfxCjmyVVk2-8LwW3H1dPBXFe99Zr0tkRR16LYB8vl3f1c0SRpcipHv4L1JHUVLTh-L4lOGEEYwOghZYcQfuhmeSLUOTgmXnW7s6sj3opRv7yOC9FuRdNfMLAjB38Kw33mZCLQD1itryMJ75A2320l_srm0gbphFLKlYd3UHFOkH_5waLK_11z82NU1CdMHA6rulwLeGDC-i_u3poscalYr8Ag4yTe4qTpOlu3qvDn_GgbFXhVATkpGmLelF1vP_8cBFrjIZExkO2w0YHtw2g2x9YPN8A5-U0HgsyMaXFLMhPeRL_d87N-H5VF4foMjoHRERu8dC3Xocaz3cvSsK7bDmUvXl2H65cIF7MbJhg5HUlRco6Mqt0MTX_-tAvlqW_xf3TQOztm5hybexMrSAhDn0bPLsomFlGV4vvyheTOB8Igtk6novQBEKop99UsTIaLdrVYvbOrEQYbLuXVedbJMRvIoWUXnioEn5dAPvKfvKqRJC8dlqK27FOjAgoR8R1t2Gn5dn0xVw25onUuBdzRL0bnRDWFjoZuIhJsrlWnKCEiqcAJkE3iUdZxFm0Bq_ADk7V4kYEeelIVWq_WQsyBT-5ybVpAVhxd1nMY8KiSfY23BbHkEILjAUuJ-XfmFuBarQZAJwITPPcyXXhib6MdzyP91DUkylI9QhCBj9OEQiKeSlKh2p5GuESvFnGHN9O55Q6cMaaDny9VtJI2-0vkeDt2bMGypluvWYUEv33txR_uxwuCMVURrAyC397LXQfEJPefYPOukuuyUrUg19WpwWgm1W6mUPPDnraVsKi57tjD9lK43nPxYYjcBueyttCqRnhvO0mCOBlADK85kfM54yUKrqHg9ziwD-Xz0ub-tIbnJdGdlfFNsWvNQb-TTByI6yao1GyzLSkehkR2LuBUSs7fvlvgi2jesIxZWvu6MOKsWBqE-mGGaAbI1vcRaZkbfEpuAOxFC4K7GKF0agfgBeC3j9nd76igXY9LsevVWrE_pQp502QKXkF1-XTuTCZhYpa_qxL1Etcr9EQIHV99F21ZH2rQmT1iR0XvCy8R4h3na3zsZ5NSmxvdw9Hu3fvZLdTNpTKcbZFe9Tus93mUEwJ2ULfVdb1Qx2WDZ6GpkjiHIM40XvAOZyyVD2YVwNE7CBUVHIBhgqnoiMqOGFE3aSlRelHz-nGrc7a12l3608Ez0yRw3lbv4oHSeG5HP5RGjNHS3UVcRA5H83apzxF1dhhJ-LiNq26jMIMyofT1WrYI3zdmajv-v8HORwgJqLblToedrk6MIzWmCIRBLxqVmj59_PAaRhIsT3k3rkxXDqHX2k5wpTSIEO3zmpcmHvjQ_sD10Y-Diusru03w0zKaQG_OUpKvj5G-Sxmyg6hMqfzrUq3tS5fYLjDXbX03EDa_CrCt2rHCd3k_jfKrBLtQxSjwjwPNb6WszKaibSHkdFxR5W_2XEA2a7PvtGWW2V2ENAgKW7Xs_IUvw8zkfvy5GeA&cid=CAQSOwBygQiDGGdxPOwBpk78bpLLmdnCEwf14LcxmNUHb-5OhnJNeClqgK3GlBt_5AZcfLIvJHEuU235LERVGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fall-news.co%2F&ds=l&xdt=1&iif=1&cor=14153551982499635000&adk=3047537735&idt=37&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:19:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:19:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame EAB3 30 KB
11 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:21:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EAB3 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4829-kevin-durant-invades-twitter-chat-rips-fans-discussing-his-ranking-how-yall-consume-the-game-is-trash.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: a4f9d1585ffe85d58e4d32708078cc47cb1b00ad3bf5f224596779f87a4ec26e

Request headers

Referer

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 23:43:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "121c5-5fee8ae2a77b8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 74181

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8D80 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Sun, 25 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EAB3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c8a097095fd366404497e362f38133ab840aa7ea03a9860189305894c6a59a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
all-news.co/wp-content/uploads/2023/06/ 1 MB
1 MB 18ms
18ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f2820d4c9969bddb795081b167ff9aa3674d4881100119d6b540506258d68a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:28 GMT
Last-Modified: Sat, 24 Jun 2023 10:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "12b97a-5fedde9c13304"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1227130

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F648 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtrpQPFqmTo9u4D5P_lyIgBgH_P-oJtWEcsbueprrW8pgppakfeMfn-n7WHCfiHbkF4DfNyEfU0WUJ3C77EMqJG-XfNtwWjzAEmHiVu7fklaVz2Iv7_sk1-nbiTyBBuq3_A40GYjmjOAbt&sai=AMfl-YQ5DRt909RZRNBZ-9scKnjgLth9M32h7bMnjANXoyrTYeekGMYwzugTOQ-mC5d28Lq56C8sQSgS7Jla&sig=Cg0ArKJSzPJt9hDCy2oxEAE&cid=CAQSGwBygQiD1ih9BJ7b_rPULFz6yVwIlnfk3jtBbBgB&id=lidar2&mcvt=1015&p=0,0,124,1005&mtos=390,1015,1015,1015,1015&tos=390,625,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687657107283&rpt=671&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7494 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 387922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8D80 70 B
265 B 102ms
35ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGQMAyPS-ZeWO7Xdr9BXw8M&google_cver=1&google_push=ATf1kGMbb6UDIAq0NbRKCVMxuvBXszsNdXipy_IpGnDdYDAdF4EAQCN2GWKNBbUT2NI1sj7RpNJYtK4JBETWHv754uvwBHhkb_rQXQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8D80 43 B
363 B 48ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEC_l_2BJ7zzUy5pSbFOP6D4&google_cver=1&google_push=ATf1kGN6y8S8eZv6gFGrdBWnGEl2j5AIptdJN9UneHx1JqKEOiBoobDKoW5KwJR28wzLbOYHZzF-LCuh1aRTn4ei_Zn1TCnaq3jMp_c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:28 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 210335
expires: Sun, 25 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8D80
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL9NMlME3CeBUFW_UcQKidI&google_cver=1&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lx...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL9NMlME3CeBUFW_UcQKidI&google_cver=1&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAyMDQ4Mzc4MDY4MDAwMDg1Mw&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAyMDQ4Mzc4MDY4MDAwMDg1Mw&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lxaILliyvdtJ6DiTw-Cs1_VMQ

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTAyMDQ4Mzc4MDY4MDAwMDg1Mw&google_push=ATf1kGP1LnJxkh-07eq1i7FOmeFZRywwLY8IoNxsqfcXeIp-HVSb9FTnOF4n2az3Z46hE77gJBAqr0lxaILliyvdtJ6DiTw-Cs1_VMQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8D80 0
12 B 16ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQsYQpbcI6EjFHuNrSP3d9rNV4tfv30NdWkoH_NTRy6w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame B556 142 KB
22 KB 27ms
8ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 298191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:48:38 GMT
expires: Thu, 20 Jun 2024 14:48:38 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EAB3 0
0 109ms
54ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAb0t9ux6RX_Hr9LHhuWnwN53Ktoa3tT7b3vJNIAmviXD3q2bJE_b-Ag45-_4vtFg78KQB2RtNAkmoI1NHFcI8PqU-aBAKNwdJGJjqWnCufWJaV3RoPYMELSEhn07LwazwfaZQFHCOXjVBLiEA3PGUjAvvJIV06HRNJi5JQ_c1hQ2G5rePWgcDq6FcWyieP0cmPMN8luQXy6c7dsSRv8QYuyEaBTTC9KFOwiTj43spqvmHZDSdOi058MMflTXvFTplZ0ICbyxLnWQOaly0kggk6IVxXHVU1c5dguutL8Du7CW2G-ddT-fkepfxGxTsmA7whbe2-oM-1Oacb1dGLiMWyl7GXk5bQJG1GFbO-iBZqazJ5wKH89wPuS1PyWGMXVIA_D5A1cRW17iZ-ZLygfLGRj4tu4uNTD43nE12UWtsBcuSLp4JwmP40OVGbgTonSRoE53NHzQKfHU1nFdsUGHzhmE-sDfx3YJQ-d508JU4nwzR1OPVHzP5XR72I-pROD4VnnsQ-RfAx9bVTBiqvOjCg695Tj1I_1G4ZktPmK11O1SMszOhYfLmilnSGA9X-N8RwdavQClxm99jYFPwwG8xB9tc5L8sPZdrPE8Jnk4X4xGMUx-RTfdZ4uxgqIy7L9XyVkOXUXc501bpEMdl1F1tHgnCtE21UyguwMQOm3GN63a2r2iOQEExxcpGBBJt00jKKLq4tVcqK7-6adcckLfsTnSn5RGw7g-dEpjpRupld_9E5_vgp0TJTLDqq4wdCwGPH46eIQokQXVDdBuBuN7bmyfj0e1PX8JsLJK4vI0Jr9ChRo7JymyuzNyjFqDqcm7NtbrpeXLGEFGMZ9tfgYnbnu9UuRwrE7JOLdKN-eLneJMj9xFUN3utlIFP4HFMNCXjZf-ok2r-8CAHQghmmj3Ju2CBo_raRX5KSB87v-X9-0dZtgm85vOz4e8tBy9V1YEcJRbgu1vQbhABln47hDAqxWyMNLB2w8NhP1n7WFAxHom7ue6PMTsb8i6WtVZkLZbR9MFibZFhU1d_NcgWns8Hn-_Oh34mw54Fs0MIW3V8waG4egQBUbG___SwR-JygXR6I0sk6hEITWYpv7O_IkeGC5jYGpCjakDXXnp2oxxVQxE3c66hTqCZd2UNtYxOJlCmqJN4N_SofnjqUhw1x7f7fHytpM8YUMQ5iKENzPkiSUcot_XA4rW5qnOCVl56gP_PcH5jQ91NOOJ_Io8UuPIpWSBXtlMAOOSdVMmuqG9F2WZCNJbiecBwTva08tsXosWVC9K5RaJuYiPMNKKDsslMscq7d7t3jS4&sai=AMfl-YTPFa97-duJiF6OUDmcm64YCfCpfN6Vg52U5XD0SiRWjVu6uxO0UazoIAB9MdyDfSO8yc2xm-2HMUvb2hdDyoHhb47VVpPsiY-8B4Aeum5zLkw2-KplQSMLAM7pv2Leae-9emk0VJW8nuSkmf6KKsRnGjQUaCXb6ClJhKiPDkNtYdZtb03_ozCZ6mF5QnWJip4KgUOSvbDppFRtpnalg4PiPPUMC22N3oVkAGyAqBE46QjB0EK3RgcE20sgluGaK69p&sig=Cg0ArKJSzOI8EmbA5yD8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=129&cisv=r20230620.67548&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 25 Jun 2023 01:38:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 25 Jun 2023 01:38:29 GMT

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7494 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 17:03:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 17:03:11 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B556 29 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 00:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 26 Jun 2023 00:48:37 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame EAB3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8439024877331049&ias_chanId=1&ias_placementId=19429846202&bidurl=https://all-news.co/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_lJqXZMOlMIi4x_APhs-tyAo&cbFunctionName=goog_wrapCb_lJqXZMOlMIi4x_APhs-tyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

37ms
20ms

Script
application/javascript

2600:9000:26da:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_lJqXZMOlMIi4x_APhs-tyAo&cbFunctionName=goog_wrapCb_lJqXZMOlMIi4x_APhs-tyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Server: 2600:9000:26da:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:21:32 GMT
x-amz-version-id: xvNeRkb9jAQ4zOn1ufjhgngoRBnUwCN1
content-encoding: gzip
via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 375418
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 20 Jun 2023 17:21:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 0kBS7S2Fmr-djsqWdiXf-j_w661vGiFCBz8pkRFYl30aHJXOFN2H9w==

Redirect headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_lJqXZMOlMIi4x_APhs-tyAo&cbFunctionName=goog_wrapCb_lJqXZMOlMIi4x_APhs-tyAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F173 91 KB
23 KB 79ms
19ms Script
application/javascript 2600:9000:26da:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1397921
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: EHLFY0xQ5WCuZdnk2ss6KD3TMDC7qTNk0sNgVcO718lkcfgClPWcNw==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EAB3 0
0 47ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAb0t9ux6RX_Hr9LHhuWnwN53Ktoa3tT7b3vJNIAmviXD3q2bJE_b-Ag45-_4vtFg78KQB2RtNAkmoI1NHFcI8PqU-aBAKNwdJGJjqWnCufWJaV3RoPYMELSEhn07LwazwfaZQFHCOXjVBLiEA3PGUjAvvJIV06HRNJi5JQ_c1hQ2G5rePWgcDq6FcWyieP0cmPMN8luQXy6c7dsSRv8QYuyEaBTTC9KFOwiTj43spqvmHZDSdOi058MMflTXvFTplZ0ICbyxLnWQOaly0kggk6IVxXHVU1c5dguutL8Du7CW2G-ddT-fkepfxGxTsmA7whbe2-oM-1Oacb1dGLiMWyl7GXk5bQJG1GFbO-iBZqazJ5wKH89wPuS1PyWGMXVIA_D5A1cRW17iZ-ZLygfLGRj4tu4uNTD43nE12UWtsBcuSLp4JwmP40OVGbgTonSRoE53NHzQKfHU1nFdsUGHzhmE-sDfx3YJQ-d508JU4nwzR1OPVHzP5XR72I-pROD4VnnsQ-RfAx9bVTBiqvOjCg695Tj1I_1G4ZktPmK11O1SMszOhYfLmilnSGA9X-N8RwdavQClxm99jYFPwwG8xB9tc5L8sPZdrPE8Jnk4X4xGMUx-RTfdZ4uxgqIy7L9XyVkOXUXc501bpEMdl1F1tHgnCtE21UyguwMQOm3GN63a2r2iOQEExxcpGBBJt00jKKLq4tVcqK7-6adcckLfsTnSn5RGw7g-dEpjpRupld_9E5_vgp0TJTLDqq4wdCwGPH46eIQokQXVDdBuBuN7bmyfj0e1PX8JsLJK4vI0Jr9ChRo7JymyuzNyjFqDqcm7NtbrpeXLGEFGMZ9tfgYnbnu9UuRwrE7JOLdKN-eLneJMj9xFUN3utlIFP4HFMNCXjZf-ok2r-8CAHQghmmj3Ju2CBo_raRX5KSB87v-X9-0dZtgm85vOz4e8tBy9V1YEcJRbgu1vQbhABln47hDAqxWyMNLB2w8NhP1n7WFAxHom7ue6PMTsb8i6WtVZkLZbR9MFibZFhU1d_NcgWns8Hn-_Oh34mw54Fs0MIW3V8waG4egQBUbG___SwR-JygXR6I0sk6hEITWYpv7O_IkeGC5jYGpCjakDXXnp2oxxVQxE3c66hTqCZd2UNtYxOJlCmqJN4N_SofnjqUhw1x7f7fHytpM8YUMQ5iKENzPkiSUcot_XA4rW5qnOCVl56gP_PcH5jQ91NOOJ_Io8UuPIpWSBXtlMAOOSdVMmuqG9F2WZCNJbiecBwTva08tsXosWVC9K5RaJuYiPMNKKDsslMscq7d7t3jS4&sai=AMfl-YTPFa97-duJiF6OUDmcm64YCfCpfN6Vg52U5XD0SiRWjVu6uxO0UazoIAB9MdyDfSO8yc2xm-2HMUvb2hdDyoHhb47VVpPsiY-8B4Aeum5zLkw2-KplQSMLAM7pv2Leae-9emk0VJW8nuSkmf6KKsRnGjQUaCXb6ClJhKiPDkNtYdZtb03_ozCZ6mF5QnWJip4KgUOSvbDppFRtpnalg4PiPPUMC22N3oVkAGyAqBE46QjB0EK3RgcE20sgluGaK69p&sig=Cg0ArKJSzOI8EmbA5yD8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=265&vt=11&dtpt=133&dett=3&cstd=129&cisv=r20230620.67548&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:38:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jun 2023 01:38:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
215 B 358ms
102ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvELWP,pingTime:-3,time:56,type:v,im:%7BpBlk:44,pci:%7Btdr:36%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D,%7Bpiv:-1,vs:n,r:,t:53%7D,%7Bpiv:0,vs:o,r:l,t:55%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:56,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:n,t:53,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~300.250%5D%7D%7D,%7Bsl:o,t:55,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
215 B 355ms
103ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvELWQ,pingTime:-6,time:57,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:57,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:n,t:53,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~300.250%5D%7D%7D,%7Bsl:o,t:55,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22%7D&tpiLookup=ao:all-news.co*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
216 B 335ms
101ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvELXa,pingTime:-2,time:77,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:734,beZ:735,mfA:738,cmA:739,inA:739,inZ:743,prA:744,prZ:749,si:755,poA:757,bl:778,poZ:778,cmZ:778,mfZ:778,loA:791,loZ:793,ltA:811,ltZ:811%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D,%7Bpiv:-1,vs:n,r:,t:53%7D,%7Bpiv:0,vs:o,r:l,t:55%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:77,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:n,t:53,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~300.250%5D%7D%7D,%7Bsl:o,t:55,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sinceFw:54,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame B556 2 KB
1 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:38:47 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B556 4 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:44:27 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B556 11 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:44:27 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame B556 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:52:10 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame B556 6 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:49:25 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame B556 38 KB
38 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:25:11 GMT
x-content-type-options: nosniff
age: 798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 01:40:11 GMT

GET
H/1.1 200
OK 4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
all-news.co/wp-content/uploads/2023/06/ 1 MB
1 MB 19ms
18ms Image
image/png 5.189.131.58
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2023/06/4757-ufc-welcomes-nickmercs-back-for-2nd-mfam-gauntlet-vs-scump.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.131.58 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi481268.contaboserver.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27 /
Resource Hash: f2820d4c9969bddb795081b167ff9aa3674d4881100119d6b540506258d68a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 25 Jun 2023 01:38:29 GMT
Last-Modified: Sat, 24 Jun 2023 10:52:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.27
ETag: "12b97a-5fedde9c13304"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1227130

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7494 0
25 B 52ms
52ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmg-clJqXZMOlMIi4x_APhs-tyAoAAAAAOAHgBAI&bg=!o6CloPTNAAYQ3eRoMN07ADkAdvg8WtrBjdsEjbLJR6GfJCFJyv8OeQnqhkLuykkv_Z14820CCAQcvY803KqyoRLLP6B4RbsGv5kCAAAAwVIAAAACaAEHmQLOwHfUm2LZG99A-9TwxFFKusJVlfFlDKhSYi_U9734Omvr362lf-V6FVXuvbLafPjzpXAZei4sgOfwxIo1cCG1kQvXICgKaBzfmJNSscYqnmAzvPvY-SKXcAYqQklYnIObx5NpwLgNx8nMCjxk3nA340eeRqB3gScjUQHnx12k2RQXem8kC8pi784juLn7pLV2gFiuUE-AmjQEnPs1tDwG-NGKM70rToyIhZ89RcLguI6-Rte7pIdG9YSmcY0LV-GwCXDJVQcDsGICxUTvYvzVl08cvERb9QBWK3uym_CS_lQgw1Vb_G5BPhw_l_xR04aEw4jUTiJZgzIO34Ib2xTcjF1dsbiWFUbbv5yowJyFEMzajVNrjfRsgjUoGRF6fNdHPXoBJjLSwzGE5xI3OJhzROkyEltY8UpUnV5K64Vj2BbeT2He6iNa6ZmktQBcpe8BqGGZxCvdRVi9GmznMSBBOFyI3TnKF_GzbdeKedMQozhI3b2ZfFoPUUkU8PZL_O9BKoK0GwfSqW4LtfEhgjtJ-Nu6xR_B9gGnTBk5Vq0frtKgjc34bmvYfw8PM5fu6neli2Y36n_lxuYz7f1n1dg9t7beVGBQnRmQDAMYmRXQpskiG_pt5eTte2tbwZCdLPKWyLTpJI7pfW_mHFTD3vQltle5VYKy3cN0Kq2lovSP7zecsUdW2TCJhBK9EIPzDea-Go5FPrCZWh3q-FAMsl8tRgC7lOB4R-xa-ZJS4ELtGfnwY5lCQwaUOcUEOdemirjimW83Y13bdhPkR-B28_LHGELHcbOrIMnosA4388trls2HSshE4r5XX576wG0nAczT0OJGVWCiIjYnFyFfS4WvjRzJAfM3GqNnVkxKAJotc9uYcnNiIrHskolvrBsNSNd5s5TI2D8tDGT0QB_LMVilwuuUBq6tvA9Q0Q-fBLvu-reyLTrJ60Y9s3HQm5aV8w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
215 B 211ms
102ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvELZb,time:202,type:e,im:%7BpWait:27%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:202,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:n,t:53,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~300.250%5D%7D%7D,%7Bsl:o,t:55,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:150%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=68847006560158&bg=!dHeldyPNAAYQ3eRoMN07ADkAdvg8WixjD8VkqWHCygDTNB-itZJ2kx5vv4o2OmYNlCe2Ww_k9lM6H6AGN98b7k1byOyJsPeXLSACAAAAz1IAAAADaAEHmQKX8KiZF_FEiAN-bet6mUpJH-YxUKN-aA2sQDSQMI4FAWj3mGyqeFUnQjjMFWP8RJQqDLFa4qjotu74nhzHIF_42T3EuJOpP8VnVKA0Am7JB1JMz8BXGGrK5jgWCWpOtJKQhtbdxlx-Y-tECNI_H-GHA3Csapxk_XOq0mwpexdI994kfs5drk45272Hfpe0W3fYpy8OFNFrd2JZFyhRQ_ono4kNGXoV_pzBp4y3sH235JVQzSiUE25WL9yxzbY3Hie7Y-IpKAuXRwhzpYuRF7B538GFyjZmZ6h647wK8XwyBhvcAtT3oFJLcFvfisF9s6qZyjBoEY4oTjWggbWBziNozhZHNqHDvL7_i0zJoNt90DaEdnhV-gsD8EbCAEg6cGrsPcIXtJLNt_mkWByhIbSkvuX-WDxyTwyhEN2-blTj1FFBxp-UYncxglYVubkcNA5Mab1JZVrHA3GUqq6A87cRZyOA2li_0_anOzQgrgjrTSqVOuGMNMhrZFXt3gl0eGUmsa8wppslaFodMgOJcA4VrKAKynXRF-tL-HH0EmlFQ6e6aC8dXAtHCWemuYBM1-hfitd85IN2Xrxv7Ty6jTMdHtrgkKAz7Z25BFZCq8OWxi3hBzgwlNBtL6Lr0PDJ-6EzacKGsoNs7MlpIPSjj5a2STHpuCQDEzcla7mtRxmrtl0naBu7xx9-84aCuUeNUrFa9ybxKMEVT7eCV4QsOG4Eer2mGbsxHZKDJZiAtOhMpWBM_YhyO26ROScLU4GhQHHbaDVmE7-QHNgeA7NrA9apwBSvXvHWETUZ1yuNfJIUCZIQwmn-po8sqtQGspIHMI04OS25l6SXm9Ud43H0XnivrR6JG7fXgyEvsEIF5OYI7HTAx4z97gxb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvEM38,pingTime:-10,time:447,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687657109554%7C%7Cad83fd642d5503d7efc1666e3818aaa8%7C%7C8623b242deb4313525321dba17b62725%7C%7Cca2eda4daf17e0cebd76cc7dab18a3fd%7C%7Ca4308edd52707aa615b2637c9eb6ac5b%7C%7C5bf99dc88b922f12f20bc43a5108a813%7C%7C897873c286ff9d552c4a644ef32c7397%7C%7Ccfe8ca414e980931bf7ce65f428e08f3%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&slotname=1203090826&adk=3296947953&adf=4134590787&pi=t.ma~as.1203090826&w=300&lmt=1687657108&format=300x250&url=https%3A%2F%2Fall-news.co%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687657108366&bpp=1&bdt=1842&idt=1&shv=r20230620&mjsv=m202306161001&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c14c2c5bfe874d0-22d7295ee5e10068%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MYRA3n__wYScDvARiaozIrzMileVw&gpic=UID%3D00000c67b3fcef17%3AT%3D1687657107%3ART%3D1687657107%3AS%3DALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A&prev_fmts=0x0%2C1600x1200%2C1005x124%2C1068x280&nras=3&correlator=641373793157&frm=20&pv=1&ga_vid=1648884933.1687657107&ga_sid=1687657107&ga_hid=238809044&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075474%2C44788441&oid=2&psts=ABHeCvj3K_AoGaSw0PJ56e9IZMGkbXSrxOlrW2Ld_xBTCtnyFFBjskeBOSCn9GNzf3S2tEPVGo3YIZFUEUw37PAPQ64O0sMoNh3veOC3R0_VvvfY4SeoAg%2CABHeCvh-fyhwk5xFtkx_-Qys9sejBWZivOBRF9PCCNtrTSGDjFlDtFNwcMmvmaqpjeLToF07_ZbwqtDreVscP3SAksPOEAKZ&pvsid=68847006560158&tmod=1886300635&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=w5irsUuttH&p=https%3A//all-news.co&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAB3 43 B
215 B 101ms
101ms Image
image/gif 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=86c7d1ad-454e-4798-99f5-f99c1d983371&tv=%7Bc:gvEM5g,time:579,type:e,im:%7BpLoad:554%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:579,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:n,t:53,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~300.250%5D%7D%7D,%7Bsl:o,t:55,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B523~0%5D,as:%5B523~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:105,fm:tI9veVl+11%7C12%7C1311%7C1312%7C141%7C142%7C15%7C161%7C162%7C17*.990511-61634100%7C171%7C172%7C1731%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:150%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:7f1:bd6d:da41:8b02 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:29 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAB3 0
25 B 49ms
49ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2775880104793&version=m202301230201&ct=76&x=1&cor=14153551982499635000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jun 2023 01:38:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
all-news.co/	1970-01-20 12:53:37	Name: PHPSSIDDD2 Value: djhJodlTp94ZaJ4
.all-news.co/	1970-01-20 22:09:13	Name: __gads Value: ID=1c14c2c5bfe874d0-22d7295ee5e10068:T=1687657107:RT=1687657107:S=ALNI_MYRA3n__wYScDvARiaozIrzMileVw
.all-news.co/	1970-01-20 22:09:13	Name: __gpi Value: UID=00000c67b3fcef17:T=1687657107:RT=1687657107:S=ALNI_MbkLKNtTNC_pYJ1092mPOj_Uloe0A
.doubleclick.net/	1970-01-20 12:47:40	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:23:37	Name: IDE Value: AHWqTUmTlgaHEjnePhEkKXUwpNstXt5izoiau1TgAsIT3bdGRFMlHtMHsnFQdtAZJbw
.w55c.net/	1970-01-20 22:17:51	Name: wfivefivec Value: bUUthAYH1QdeHW5
.ctnsnet.com/	1970-01-20 21:33:13	Name: gid_CAESEOFjU47l5fE9oetpXS15zzM Value: 1
.ctnsnet.com/	1970-01-20 21:33:13	Name: cid_9707ac69c52345ddabb575fcccf8654c Value: 1
.simpli.fi/	1970-01-20 21:34:39	Name: suid Value: AFF830C7F6BE4D97B8F1666B7D7ACA77
.yahoo.com/	1970-01-20 21:33:34	Name: A3 Value: d=AQABBJSal2QCEHMy1abTh00YVvCz0LiH2RMFEgEBAQHsmGShZAAAAAAA_eMAAA&S=AQAAAn7M6SoJB198R76uOYwhJoo
.quantserve.com/	1970-01-20 14:57:13	Name: d Value: EBkBCQGoKYEA
.quantserve.com/	1970-01-20 22:17:51	Name: mc Value: 64979a94-6a320-aab4d-e9688
.w55c.net/	1970-01-20 13:30:49	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 21:33:13	Name: tuuid Value: 034ac961-f7e8-4ab1-abad-b450ec8dc386
.bidswitch.net/	1970-01-20 21:33:13	Name: c Value: 1687657108
.bidswitch.net/	1970-01-20 21:33:13	Name: tuuid_lu Value: 1687657108
.bidswitch.net/	1970-01-20 12:47:37	Name: google_push Value: ATf1kGO2eM9tQTJKg17pIPIOjauK1bHw-JR_QMWBr0Mm9bR8_lWKA-h1kr8d7M2KcJEVHl64im4fF-9P1RJVFLNmbWhGW9AxDmL03g
.casalemedia.com/	1970-01-20 21:33:13	Name: CMID Value: ZJealM5VdyAQejiOLRx-wQAA
.casalemedia.com/	1970-01-20 14:57:13	Name: CMPS Value: 5202
.casalemedia.com/	1970-01-20 14:57:13	Name: CMPRO Value: 5202
.adnxs.com/	1970-01-20 14:57:13	Name: uuid2 Value: 6868802757314600497
.adnxs.com/	1970-01-20 14:57:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVIj]mxj!]tbPl1M>e)ZlrFUfJ+tGXxo3>?3^Q8hWSKWoF?oWtMsFI0TF1aaSL6uUn%X3If)y3KL9D3I?+YXgi5!
.adform.net/	1970-01-20 13:30:49	Name: C Value: 1
.adform.net/	1970-01-20 14:14:01	Name: uid Value: 9020483780680000853

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8439024877331049&fa=1&ifi=3&uci=a!3&xpc=Oamjw0EviA&p=https%3A//all-news.co Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
all-news.co
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.media-amazon.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
s0.2mdn.net
static.adsafeprotected.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z-na.amazon-adsystem.com
142.250.186.130
142.250.186.98
15.197.193.217
178.250.1.9
18.173.190.175
18.197.42.180
185.218.124.16
185.80.39.216
2.18.161.51
2600:1f18:1aca:4281:7f1:bd6d:da41:8b02
2600:9000:26da:9800:8:48e:53c0:93a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a04:4e42:200::272
2a05:d018:d29:3605:c153:9878:d174:5b1b
35.186.193.173
35.204.158.49
37.157.6.254
37.252.173.215
5.189.131.58
52.222.212.95
52.46.131.85
52.94.233.131
54.170.136.222
54.93.94.222
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05ababce40e3e620b932d6b92130b84286959881fe13ff67aa4c3394842290b8
0737997ad501f9d2933657f8aaa4aae1986e8b790fb68bfe7a8dd959a9a1bfd9
0ac0a2afaef2da38d77b9aa0e808f5b8e76b315e54ca06d340bada63422e3c21
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1370903a1e242d482364b08f180e6add61f2f2b4abae8cfb0de855b56017cfb2
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d
21ed3e1728339b65bcaf90cf6752f4039462e39fcce105d3ab65abf46cce7ea1
24725c812167c883f6d83d92571f9e2bb339f748e19df42b5e7d90d72d225220
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2b8e5c25ff155cd8592dc47d5b88f5f8dc94ddfe58d0882350207900e466ccc6
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
2e06cf17b7cb22eb519b2b934056af3868761abcd6f023f578b00f6b22e79389
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51caacc2cf71b67ee9659442c7195c9ddcd40b046eeb873ba466e6a17ab95cd0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
583333e17d76abba03af2361eac331baf79b74bdc4f1a6358fd30b34d11f5fdf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dda8db38026fc522c7c017ba17bbf533be39a00cea07cbc1086f1537dce7272
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6ca208d9c538a259e3762e4a7db2d4fbf5fe3fab0a67019f3cbbb318089c8427
717182e5b93d3a336d737193325720406fbe91278fde46402bd15ab71053de81
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
728adcdb5284e2608b055196b04f19eca24089de97faa8374d9bb69204845bfa
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7f7a4563a945f57c05734db4835005e87401c8fa28f353aa731e96fe6a97db00
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
811fd355e10a746397b20774a021639057906deae91cea7e48a3ae68331ca961
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8c8a097095fd366404497e362f38133ab840aa7ea03a9860189305894c6a59a1
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92a8b08b7e8a1f2e11a857a885c0751f668a6ebc19dd8253ae623c6f669efa38
961c67b0170887af7d2a8eadc204d51dc9b416437f6098c39dc44afd2fbfbeff
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a27d1c4d5686b6084a72f7488a16856e4c8883a9dddf76e96216ed73ff10712e
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f9d1585ffe85d58e4d32708078cc47cb1b00ad3bf5f224596779f87a4ec26e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4cca7f62e13a09b1df5e7972adf813d6fd10fb7b1bd1430afd29f1829fd26a0
b7ebb60587f2291e0d2843a2c5876efa400ce19aa2002b20fd8e3f928650df1e
b8939a0d5bea5bad9b1dc74928170d320b393615e282545b4e9e1ebcbffc1f28
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bb64d7839b696ba84dfbd8f75092021bb719a1e4ef68da07db7f4bf4f431ee11
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c4903599576b192c922bd78c9fd87b1269cf17b32d947c66280be29fdf7894a6
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
cb9c5ace5ae2745c046e6d33482d3a3bc26c111ef03b88248695b34133cdf581
ce785898e1e223cefbf23ad4a6ac018b9b321f6853933a2c77a4e02fb7be79dc
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de6d4227d7c2186856dc98c33eb45cf3b0e6cf946c5711f139b21e14cdf30479
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eeced1d8cb05e0490197eca352ff09680161f09b254df3fca1acb8e98593a275
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f132a3b6e8c8de07e8491ce98f184a952823c139df20446f61a1a9daca060a49
f2820d4c9969bddb795081b167ff9aa3674d4881100119d6b540506258d68a98
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd754ccda7a50b5c0c1e77f0a1c692408d6f59897b8e58101e2b0ac4d61c3892
ff34e1a6f4a8d6782d0535c0023ed3b0153d6ac20ea38f6298e3db9755b483aa

all-news.co Open in urlscan Pro 5.189.131.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

93 %HTTPS

44 %IPv6

24 Domains

34 Subdomains

28 IPs

7 Countries

9052 kBTransfer

11485 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

all-news.co Open in urlscan Pro
5.189.131.58 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

93 %
HTTPS

44 %
IPv6

24
Domains

34
Subdomains

28
IPs

7
Countries

9052 kB
Transfer

11485 kB
Size

24
Cookies

166 HTTP transactions
5 data transactions