www.shorouknews.com Open in urlscan Pro
62.67.203.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shorouknews.com/mobile/news/vi
Effective URL:
https://www.shorouknews.com/news/vi
Submission: On September 07 via api (September 7th 2023, 12:23:23 pm UTC) from SA — Scanned from DE

Summary HTTP 238 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 35 domains to perform 238 HTTP transactions. The main IP is 62.67.203.100, located in Hürth, Germany and belongs to LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US. The main domain is www.shorouknews.com. The Cisco Umbrella rank of the primary domain is 423020.
TLS certificate: Issued by R3 on July 30th 2023. Valid for: 3 months.

This is the only time www.shorouknews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 60	62.67.203.100 62.67.203.100	10753 (LUMEN-LEG...) (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.48 18.66.112.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.27 13.225.78.27	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
4	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:205... 2600:9000:2057:4400:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
19	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:211... 2600:9000:211e:3a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.126.69.45 3.126.69.45	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6813:afbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
238	42

60 62.67.203.100 (Hürth, Germany) 3 redirects

ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US)

shorouknews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shorouknews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net

cdn.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-27.fra2.r.cloudfront.net

recommendation.speakol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.69.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-69-45.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.118.247 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	shorouknews.com 3 redirects shorouknews.com — Cisco Umbrella Rank: 420057 www.shorouknews.com — Cisco Umbrella Rank: 423020	2 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
33	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 ad.doubleclick.net — Cisco Umbrella Rank: 183	278 KB
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 653 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8975 csm.eu.criteo.net — Cisco Umbrella Rank: 8658	217 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 31243 ad4m.at — Cisco Umbrella Rank: 10371 assets.ad4m.at — Cisco Umbrella Rank: 40583	939 KB
10	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 10550 log.outbrainimg.com — Cisco Umbrella Rank: 2834 images.outbrainimg.com — Cisco Umbrella Rank: 2509	37 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	425 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1704 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4011 odb.outbrain.com — Cisco Umbrella Rank: 2917 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6310	101 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2541 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	180 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9787 flint.defybrick.com — Cisco Umbrella Rank: 8935	20 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8559 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15092 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9434	63 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 72750	736 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72310	516 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 128298 static-de.ad4mat.net — Cisco Umbrella Rank: 162516	4 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 500	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 747	1 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180	884 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	216 B
2	gstatic.com fonts.gstatic.com	62 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
2	speakol.com cdn.speakol.com — Cisco Umbrella Rank: 206356 recommendation.speakol.com — Cisco Umbrella Rank: 225374	144 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 140022	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 79713	1 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 85829	492 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17067	694 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 369	146 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8158	667 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 780	433 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 796	245 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 935	758 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5643	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	90 KB
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
238	35

	Domain	Requested by
59	www.shorouknews.com	2 redirects www.shorouknews.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	pagead2.googlesyndication.com	www.shorouknews.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	imageproxy.eu.criteo.net	ads.eu.criteo.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.shorouknews.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
8	www.googletagservices.com	www.shorouknews.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	images.outbrainimg.com	www.shorouknews.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	widgets.outbrain.com	cdn.speakol.com www.shorouknews.com widgets.outbrain.com
4	connect.facebook.net	www.shorouknews.com connect.facebook.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	log.outbrainimg.com	widgets.outbrain.com
3	region1.analytics.google.com	www.googletagmanager.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	secure.adnxs.com	2 redirects
2	ap.lijit.com	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	flint.defybrick.com	rock.defybrick.com www.shorouknews.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.facebook.com	www.shorouknews.com
2	fonts.gstatic.com	www.shorouknews.com
2	fonts.googleapis.com	client
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rock.defybrick.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.shorouknews.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.shorouknews.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	recommendation.speakol.com	cdn.speakol.com
1	www.googletagmanager.com	www.shorouknews.com
1	cdn.speakol.com	www.shorouknews.com
1	shorouknews.com	1 redirects
0	d31qbv1cthcecs.cloudfront.net Failed	www.shorouknews.com
238	57

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
itunes.apple.com
play.google.com
eg.waseet.shorouknews.com
trk.ajaska.de
hightech-biotech.com
www.outbrain.com
clipsolutions.com
www.weather.com

Subject Issuer	Validity	Valid
shorouknews.com R3	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.speakol.com Amazon RSA 2048 M01	`2023-03-16` - `2024-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-16` - `2023-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://www.shorouknews.com/news/vi
Frame ID: 73069BD588DDCE8784834FA9B65E3B2A
Requests: 110 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 5BA09874F63C46FC7572CCEB6A77F212
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1174047515069954&output=html&adk=1812271804&adf=3025194257&lmt=1694082196&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C128x540_r&format=0x0&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396235&bpp=4&bdt=188&idt=299&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1081315676937&frm=20&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C20222282&oid=2&pvsid=4326161687128848&tmod=116068969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: 7264BACD3812E0523EC145A06CD21E01
Requests: 1 HTTP requests in this frame

Frame: https://72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64BDADAD163AEDBDF906F337DB3DF0A2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqjV3lTOx5keZ8Izg0-5J_ryx0Fkhs34yr5D17rKEeS1Cm3yXIVEDOWz7yqABwnmP8iMJ1DgZ2vfRrHh1g6IsNdeBqKSJZrX6ciRENRsQMHA2R5HgdGcWddWPcwLfsr4uDx30D-uIDBqR8MV7pYQlae0xcCQlerceBe8vIpwyZ3wgJubAFfLzo_Yah3Nb9CxSbv0fHPBIVqQjXO0H19iew1H2DDaVL6o87HL8wOj5mvh82iO0qHvoJjDl4a0UGUuG_LCZjvNCUjpNknhSonvD2ocXYHeqYATiH9RbbUbCm16YDH9Y7HD5xuH2EgJEfYn69Oh7uAN6bY3f_LDTiYmm31VS-wUU&sai=AMfl-YTH5NnNbFGJhZ3OfVb4i-WY8MyhfOfFM_AcwPpz3T3DwB_ZU5k13rZYEGrkPLI4K9ECxPTKZRsVU_WYuvl7q-MVupcL8QaY4LF3sBdKusH-CvyQkQHjwu8pEGFrrRo3J42HhnhjSLIGzEnw3aDO&sig=Cg0ArKJSzNrkvpj8u5c6EAE&uach_m=[UACH]&adurl=
Frame ID: 4EE409EA53E50565429A8E4617CD4FDB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl3AjgVCUiDabotOBEjWk6xkpATzqefpORhHWpxXnsb0HRqaCqxBeCJLfVSKqQVN-J09VZc7D1upGWxyS_GFMel4ZDSZac0Z60PRi9Dx4wpdlpdkfQbwwA_Jepx1bo7mWQwtXZccuajsWDXsEG1o_bRrXsLPAivOEAX77T0jljcz5J2zXMWdE44Y_VC5RC9N7cRolPt-TMEb2WE78JSmQ5CayGBTVTyU1UiQ_olxaYkF-epdX3GSCUTnwMc0bQh-mGpU-VFBnjOXU7q2Y7bK7RTs1LYcCeVTfqBIbF8bLA1CzR_1ZLC4smOXbBzjQWGksh1aYJiqheOqpfq8r31e-akyX3-k97ca4ARIbtZHik7H1K8o5XDLXD&sai=AMfl-YS5yAJMiU_QAZteqIBVmPUmNzy0Q_NMDns7I2lrNLym6NlugE3DRE-CoSO9TscDgzd79RnhWFfx8nN7CCA&sig=Cg0ArKJSzBiKDV8ajizZEAE&uach_m=[UACH]&adurl=
Frame ID: D936525EF59F04DB957F30633593ABD0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_UNweBctFJZfE1CZDXDDghmNh5y0LTeWvxt_VeDvkKZZe0fn_EKmS_daPtgaRbxAOQqc1wHwUEjCk58mRGNDtV4UkM_DpNFuS-lEdLmQcqt__zsoKYo6lxm2Vz4CViSdX2eyz9ezdQjQ_vc8LW9byj-VKg_HpazO8QvKyodDVDcoF0kcZL2Az0XPmzSRICQ6ePE6puYmRgWf7pYqsFYZ_o6zD_o6_9Ptj2DxmVCIG9hkFh4qqwaiHDYNVAiS2QexS7-nDn65WIJMaQy2iCEr6qh0g0ZBS7M2bBJTMEzUbkCheT_Vo1m_aYZI6VK-CtHk4V7Czaw5EL1u4h6fg9rhK7MaUadUUK3eiWbnkEocRZmM&sai=AMfl-YQDRJ8fU7BROgaxzQsw7eGHxGzAVLjkK4a_TdTZ8-erW8RyrFqomaKvzCCjv0RNmEaeb2B6L8b_omNBqWK8fOEPn0Vq3G6ve8N70_o2LAoXxD58V0Gi4AQH5OAXTmN_l5e21gtq3GvYHg6qwiI&sig=Cg0ArKJSzFkRJxf0S7x5EAE&uach_m=[UACH]&adurl=
Frame ID: 726BDA82D2EAEB25E5C33C0CEEABDB4C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdFoe8K_gYJqTgwjKcVa1R12yuWKkfrzFbXv8UzIDLJ2KCO5Z9re1qcY-huRa3NikG7n_jdHNib7pJhGWgXvDUrGAxtuhDjqiv2dImoNxd1SWzzyup3rIxVbKWWpvNksCIkgooJJAej5BNfQFmht5GA-9sxrt81LmlOsn2fgJ8Iq5xSfNx4GkF1ImF1vkRBHZF-zF13u77uBVMLmkSiVruDnrtpz54V5AQoKW4pddxbP631SFQK49PPkkLRA6OUCXObDQWLDri50YlTqkl2tszXoRk4gYvcVGAOQ9s-ZJYPPdQvJgKHgLaRuGvU0l0lZW4QZZWy3Hk38GONnnGNhAKS66mgkER7UX1zs5qepFDg0XmSAH67p2mHw&sai=AMfl-YTMB2SNPN-Clg9XFkjQNssmVm151rSDNXunHqyW_hZnmuRcIQ1E2K56TssNHMeHnep7WMaBxwShlT6-23UvngGJi3-LwDr9ZgkBIdhf1ZjFurmsc7B3lYvQkm7evqAkT1teVsI4e6FOLbn3ZoQ&sig=Cg0ArKJSzLS5RRLmteJFEAE&uach_m=[UACH]&adurl=
Frame ID: 46C1D1812DDE5C055AA50311A2A18D04
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfVjEvkr5-jAU7oMqsrtr6Aogic7Gv6LahSK9gb5aibp9lUX1OxEdLfne2VhOwUdMNPD3w4xpDUNlPwCYvZrXBmcCkNIJPo13IVJiarKSOvoFEg7Duu5YxQTDDw5NMBK6iDnLxR43X5lvLJ5jWpZ3_eBXkGToyekE7K7BFnaJ0l6BDdLYrXlCvMQdeTeFhdgGHFv9xoxbnrYUxpbbob4cAeriD_tI7HkeXZnusdsILe_h_vz6VYCYuBqzxDihdL6HlcExVfG9WZ3tYT79FleZi6oqrK1mTQwQaZ394eSKeU1xAljdIMPIOGjI9frGQjmSK8IlSGtcvJnIASG8_n04qoh4mSJo&sai=AMfl-YQ9dKUOWuupT8ONgIxO-U0JOjgSQ89BhhF1OD_u7Y0cWM5Df1sj6kwfperniSbUOkegjH1FeaTRe_M_km-aQbYYbU1JdBQd-E1xp6PfQ2fA_ezYg3IzKzv2EAEpBVLHtSD3cBEtcoxmp5kGMsk&sig=Cg0ArKJSzO0xKUUd8TcaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C8BC68B16FAF640E7EF93EB6DFB29CFF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: D5845B6EF2081CDE53940D8E263FD857
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPnAtAAI_7YGUIrnAAXGM5s8QDthi15PA79AWQ&u=%7C66nep6hrVC8S%2Fou5FleJTwdSMnOfMRBZsIAGb7MN7tY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSiOYR2qt810N5CH3Ad7-snFC_qOjpF2ownXrqz-UZWKRxQW1jMWJbVWjI-BvxNJARo6OrtDBw7BG1Z116tiUm7_HXdJ6ovCvohMtoJQXLMWeWDlpKCL3RwGIE4-GyD4uzOk3db0ycGULt-TGK8y7t392dmvB0g86Bw4gfpyBqHfyKS1qSIy0oKIyjd9n6k4O_tnCyvVFZT44wbap9wyVfvsbInfOTdNEcIkWR9TTo79s90KrnOEYoPm7-lT2JntD019Lo3A_f1rSZCjk4WSWPTkOrKQ7QLH0GS2hgOVMjKpdcKDwNNGkZdgqakWzHNT0t2XPGVIi5guHCz-rJk5K8ZAO1pc9OXTOqBm5vMMlIBSj5sVf-KMqj3eoiTGv6KwGbcU-m72xELpk8su-B9AM4L0jMrdkmvR5aTKB2u2blrIRj0_x6yG9QAtfXtatzyrf_AKCyLqybjXQJYwjLmAz0oISotRGaPEMIKY6pDNrKUcpZt_b_djQZ-AaAHStLq6tR29su2TA4e8aJGgRXw2fBQpE8PA_v0YCKpJ3RKj4YxrBQbWhv5D9ty8TlPzxgvRwnSS8d67Ni7X3DV7A88brhPWb3MSxC3wWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr2LctMD5ZLb_I-eVwuIPs4yX6A3JntKxXPWR3r6xAcCNtwEQASAAYJWy-IGUB4IBF2NhLXB1Yi0xMTc0MDQ3NTE1MDY5OTU0yAEJqQI0K1zvLPmxPqgDAcgDAqoE_QFP0MQRZJgB1Pfj1lKGSfd4dLs8B6Rq6FxhpeHzEUazCZXmNeKSqAiPpyhZUu4JCyB1Az0wY664Kthpyz3FYWEjnelcqlghadFikCQ1e0aHxS7SnPF9xAHl1VBWBEHbZcR-PexBj8RjJ7R5TStT5ri4Ju7PwFkrr1W_ns8FlI0nmQTWBblNlhjiHxN8JTkclZxZ6i51hu4iG68DbNWAjaWMgmXhF3_cLOTgN171tw3ZSH77i4lbhaswZfI8hXfax9Ksd9Md8luKTEZ4U8BUM4rsltzeRBPk3XRzkxdtdQF-Yj52RTDjkaJomof0MS7ZSbBDGQAD_FZ1C1XqLF5EgAad_pq3vsboiZgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1B0zO2vuZcNDmJMbOCxviKhmEXwQ%26client%3Dca-pub-1174047515069954%26adurl%3D
Frame ID: 4D2D79267B6A1965C15798C8453A57D2
Requests: 35 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 609FF6046F616B0E150D6A12E0AD9A07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
Frame ID: 87A90F5A57C0AD9E572CF874C58ACA4F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D
Frame ID: 9BE73E312323FD86F5973073713A56DA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Frame ID: 449D76D89C2FC0565CB4286430249E13
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CBE0FCFBE6205A116F111EC76BE4A05
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1B907556F1C66E1F6E9C87F150E016B7
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Frame ID: A65B98FAECF35C0253DF545AFF33CD5C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA9CA96F136F259A51D2FAFD27224584
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE1278A088EDDB3BFDCD255DA0365007
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 579664C8010376E996C624014933C110
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4B2F2E2CEDA4B5E19460B430CA8BBC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

خطأ - بوابة الشروق

Page URL History Show full URLs

http://shorouknews.com/mobile/news/vi HTTP 301
https://www.shorouknews.com/mobile/news/vi HTTP 301
http://www.shorouknews.com/news/vi HTTP 301
https://www.shorouknews.com/news/vi Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

238
Requests

96 %
HTTPS

61 %
IPv6

35
Domains

57
Subdomains

42
IPs

6
Countries

5337 kB
Transfer

9495 kB
Size

26
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/shorouknews

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/shorouk_news

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGONWo6kCXGwtyA8SHrHIAw

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82/id1458481490

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.priland.shorouknews

Search URL Search Domain Scan URL

URL: https://eg.waseet.shorouknews.com/ar/site/cairo/index
Title: الوسيط

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/Mjg1Nw==/?utm_source=o&utm_campaign=002a0cccd0a422760a006845a66fff42d0&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: FROM THE WEB [Fotos] Er war eine Ikone, heute sieht Macaulay Culkin so aus (Happy-woman.com)

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MTQ5NA==/?utm_source=o&utm_campaign=001b9c3d7e646dbc7d581e406242e39898&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: FROM THE WEB [Fotos] Heidi Klums Tochter sieht aus wie ihr berühmter Vater (Happy-woman.com)

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MzEwNA==/?utm_source=o&utm_campaign=00b6df21e03ea48fefc3a5fc762ca210a4&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: FROM THE WEB [Fotos] 13 Park-Rache Fotos, die Sie sehen müssen (Die-auto-seite.de)

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MTQ0/?utm_source=o&utm_campaign=0097afa178115eebc938307747c9f21e54&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: FROM THE WEB [Fotos] Das hättest du sicher nicht über Dubai gewusst (Tipps-zum-reisen.de)

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MTc2Ng==/?utm_source=o&utm_campaign=00f47fe9670299a1379aa2156049c9df55&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: FROM THE WEB [Fotos] Auto war für 50 Jahren unterirdisch und wurde nun ausgegraben (Die-auto-seite.de)

Search URL Search Domain Scan URL

URL: https://hightech-biotech.com/?obOrigUrl=true
Title: FROM THE WEB Diese unbekannte Biotech-Aktie will einen riesigen Markt aufrollen (Hightech-Biotech.com)

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de

Search URL Search Domain Scan URL

URL: https://clipsolutions.com/
Title: تصميم وتطوير | CLIPSolutions

Search URL Search Domain Scan URL

URL: https://www.weather.com/
Title: خدمة الطقس | Weather.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shorouknews.com/mobile/news/vi HTTP 301
https://www.shorouknews.com/mobile/news/vi HTTP 301
http://www.shorouknews.com/news/vi HTTP 301
https://www.shorouknews.com/news/vi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 192

https://um.simpli.fi/gp_match?google_gid=CAESEF1ETlYsYlzsWcz3bRKpIBY&google_cver=1&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj0oHe99hYKN6AtTqCC0hWlWkmoHPOaEGdg0S3zGVbheOJYXMBezmfwioS8kFVmVHHdrXI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AF25178B9E0460BBD9378E2CFFD427C&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj0oHe99hYKN6AtTqCC0hWlWkmoHPOaEGdg0S3zGVbheOJYXMBezmfwioS8kFVmVHHdrXI

Request Chain 194

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDblSJQx4MF1yLIOQ4zLYTA&google_cver=1&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3qcYJtH_WxL-tYLoGSDDaMBsR HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDblSJQx4MF1yLIOQ4zLYTA&google_cver=1&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3qcYJtH_WxL-tYLoGSDDaMBsR&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3qcYJtH_WxL-tYLoGSDDaMBsR&google_hm=HSAHtGZHiYN1tuL-QjG2BPdl

Request Chain 195

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGlREY9o6Bb8bqjyM_Mfk3w&google_cver=1&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkwj6cT7emWHnGXZ1WafOjDqioIty9P29wiIwwTIScA-bgqpLHdPBlpSVU4K4Hm8CqHEJpS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkwj6cT7emWHnGXZ1WafOjDqioIty9P29wiIwwTIScA-bgqpLHdPBlpSVU4K4Hm8CqHEJpS

Request Chain 196

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJTmQB2K5L4Cz5KBDj5gsok&google_cver=1&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_RatsvSKQr4O3hOEt7HNob_k9u1f2BN8XLyWj1rO0edSD7b6v-jEpd4WMNyKHAJN9U2FsjJbUOSWDDdJsqOTgDSd7ZDDqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_RatsvSKQr4O3hOEt7HNob_k9u1f2BN8XLyWj1rO0edSD7b6v-jEpd4WMNyKHAJN9U2FsjJbUOSWDDdJsqOTgDSd7ZDDqQ&google_hm=D2G2QDU3RiOzGc9Zxq3wAbc

Request Chain 197

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0UpqK2EU_orby7KA4x6Eg6Awd1Uvq0cKoMopNADnIr5Lwb5Yl87BXEWUuVThiSjsZJzAze1vwLts7IbhRRj447DnohJW6Lzbn6-Hg814YB2q67Y0JaG01_etxRCkHqA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEK0GN0aNlY7_l05kpYsHm7g%26google_cver%3D1%26google_push%3DAXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0UpqK2EU_orby7KA4x6Eg6Awd1Uvq0cKoMopNADnIr5Lwb5Yl87BXEWUuVThiSjsZJzAze1vwLts7IbhRRj447DnohJW6Lzbn6-Hg814YB2q67Y0JaG01_etxRCkHqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTE1MzM1OTYyMDQ0OTczMzg0Mg%3D%3D&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0UpqK2EU_orby7KA4x6Eg6Awd1Uvq0cKoMopNADnIr5Lwb5Yl87BXEWUuVThiSjsZJzAze1vwLts7IbhRRj447DnohJW6Lzbn6-Hg814YB2q67Y0JaG01_etxRCkHqA

Request Chain 226

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1694089398_53b3add0-4d79-11ee-8c55-226543793aa5&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 229

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKf6vua-mIEDFbyQ_QcdJ-0IRg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 232

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMP8vua-mIEDFTaf_QcdJYYC1Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023090714231888645347069X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

238 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vi Show response
www.shorouknews.com/news/
Redirect Chain

http://shorouknews.com/mobile/news/vi
https://www.shorouknews.com/mobile/news/vi
http://www.shorouknews.com/news/vi
https://www.shorouknews.com/news/vi

82 KB
33 KB

73ms
72ms

Document
text/html

62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

b5ade302aa1daab6afc5562e4871d499d08932a7dd3d622c407fa758fdd4de1b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22
cache-control: private
content-encoding: gzip
content-length: 33388
content-type: text/html; charset=utf-8
country
date: Thu, 07 Sep 2023 12:23:15 GMT
grace
server: nginx/1.24.0
vary: Accept-Encoding
x-cache: HIT
x-frame-options: ALLOWALL

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 07 Sep 2023 12:23:15 GMT
Location: https://www.shorouknews.com/news/vi
Server: Varnish
X-Varnish: 484082132

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 123ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1174047515069954

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24c937bfc73fad149bf05fd3cda90ecb080c866c3668f83812221d4567f4f0e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Origin: https://www.shorouknews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50802
x-xss-protection: 0
server: cafe
etag: 4895151095096115013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 128ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7072246965452303

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1738d07df9f4a1839bfb03832b748068e0e908366407c93886b6e9b7ac03f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Origin: https://www.shorouknews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50596
x-xss-protection: 0
server: cafe
etag: 18338358064239485599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 ServiceManager-2.0.js Show response
www.shorouknews.com/_Scripts/_JavaScript/ 806 B
705 B 39ms
37ms Script
application/javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/_Scripts/_JavaScript/ServiceManager-2.0.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9d23ef10c622a924fa465b9b4289df8b3dc24a5fa9ffa1bb64c912adf40ce5b6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2011 00:05:01 GMT
server: nginx/1.24.0
age: 0
etag: "52a08c5bb936cc1:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 447

GET
H2 200 jquery.min.js Show response
www.shorouknews.com/_Scripts/_JavaScript/ 91 KB
41 KB 39ms
38ms Script
application/javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/_Scripts/_JavaScript/jquery.min.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Mon, 09 Feb 2015 12:00:01 GMT
server: nginx/1.24.0
age: 0
etag: "ffb45ef5f44d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 41696

GET
H2 200 bootstrap.min.js Show response
www.shorouknews.com/_Scripts/_JavaScript/ 35 KB
12 KB 76ms
75ms Script
application/javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/_Scripts/_JavaScript/bootstrap.min.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Mon, 05 Jan 2015 09:26:20 GMT
server: nginx/1.24.0
age: 0
etag: "3fd1aaac928d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 12274

GET
H2 200 jquery.hoverImageEnlarge.js Show response
www.shorouknews.com/_Scripts/_JavaScript/ 4 KB
2 KB 78ms
77ms Script
application/javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/_Scripts/_JavaScript/jquery.hoverImageEnlarge.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

558fbbed93c12f4bf9110cb5647beb47b7490c38c9bccdad1c733169642dd906

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2014 16:05:04 GMT
server: nginx/1.24.0
age: 0
etag: "03850648bccf1:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1647

GET
H2 200 superfish.js Show response
www.shorouknews.com/_Scripts/_JavaScript/ 7 KB
3 KB 79ms
78ms Script
application/javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/_Scripts/_JavaScript/superfish.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

997c7e1d4ca02022f240b77a3e6d37c4693d8b7566349ee2b9c81dd34f66b8d3

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Sun, 30 Jun 2013 21:31:44 GMT
server: nginx/1.24.0
age: 0
etag: "0e08237d975ce1:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 2771

GET
H2 200 speakol-widget-v2.js Show response
cdn.speakol.com/widget/js/ 142 KB
142 KB 86ms
27ms Script
application/javascript 18.66.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d9627946fcad2ddacefe71e61e52e0fe6da36f2957869ce1d4abf8e410fbc6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 11:26:54 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jul 2022 14:59:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 262583
etag: "ec9f6107f4c6bf30e1136eb9891d03bf"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 144991
x-amz-cf-id: ejDCmbQkYsWYMCfPr8qxp5eXN9nn_0B_jJkkbGx47ZPVTzJX09EZSQ==

GET
H2 200 bootstrap.css
www.shorouknews.com/App_Themes/Site_Blue/ 133 KB
29 KB 75ms
74ms Stylesheet
text/css 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/App_Themes/Site_Blue/bootstrap.css

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

379f3a2ff54d3f426928fc72c7c9e046ce1161fb949d1cae6861e99dee984e26

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2015 10:07:03 GMT
server: nginx/1.24.0
age: 0
etag: "5f35f9bf517bd01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 29204

GET
H2 200 droidarabickufi.css
www.shorouknews.com/App_Themes/Site_Blue/Font/ 1 KB
647 B 77ms
76ms Stylesheet
text/css 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/App_Themes/Site_Blue/Font/droidarabickufi.css

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3722e7cf4afda01cafe3f71e40ed3f122a85afc9180752ae7a2c583c95546d0f

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 11:41:06 GMT
server: nginx/1.24.0
age: 0
etag: "93a4dca348ded41:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 399

GET
H2 200 main25.css
www.shorouknews.com/App_Themes/Site_Blue/ 134 KB
29 KB 77ms
76ms Stylesheet
text/css 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

20529a83fc8e060e9ff6307e8c041171b8213640a7414b4a4598994906207daa

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Sun, 16 Jul 2023 15:20:05 GMT
server: nginx/1.24.0
age: 0
etag: "21f6b0fff8b7d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 29186

GET
H2 200 reset.css
www.shorouknews.com/App_Themes/Site_Blue/ 806 B
814 B 79ms
78ms Stylesheet
text/css 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/App_Themes/Site_Blue/reset.css

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

cf1f77f7331bd8b63b77608abf167b4a2c8cc08d01f1b172b618747130ea2aa8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Sun, 19 Apr 2015 14:54:52 GMT
server: nginx/1.24.0
age: 0
etag: "eebb50cab07ad01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 566

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H2 200 date-ico.jpg
www.shorouknews.com/app_themes/images/ 1 KB
2 KB 45ms
39ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/date-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d015171e02e628f51a0e83472917a264f3537a176346a7d22df291639bc4c417

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 01 Jan 2015 10:04:17 GMT
server: nginx/1.24.0
age: 0
etag: W/"1dcfff4daa25d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1529

GET
H2 200 clock-ico.jpg
www.shorouknews.com/app_themes/images/ 1 KB
2 KB 45ms
38ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/clock-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

682e217c7328632316401450d073f2430079c2af2a2e27248965cf66ca4d666b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 01 Jan 2015 10:04:17 GMT
server: nginx/1.24.0
age: 0
etag: W/"41e84daa25d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1520

GET
H2 200 weather-ico.jpg
www.shorouknews.com/app_themes/images/ 1 KB
2 KB 46ms
39ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/weather-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

2fd5744ae05a7b0a6dad632dd4a2147c71f8466b0ff975baad390059c0fbc1c0

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 01 Jan 2015 10:04:17 GMT
server: nginx/1.24.0
age: 0
etag: W/"79dcd34daa25d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1532

GET
H2 200 logo.jpg
www.shorouknews.com/app_themes/images/ 8 KB
8 KB 46ms
40ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/logo.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

37d2a7452aa7d6983ebdeceec37b8adc31389ed2609a23d8cf2e1a9508339230

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 05 May 2016 14:57:03 GMT
server: nginx/1.24.0
age: 0
etag: W/"5be72762dea6d11:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 7795

GET
H2 200 373409912_3250837510604596_1967456034148742987_n.jpg
www.shorouknews.com/uploadedimages/Sections/Egypt/original/ 109 KB
110 KB 86ms
80ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Egypt/original/373409912_3250837510604596_1967456034148742987_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0a515f72d64c5af442253f95c74340b25dd8f602d9a2686512feaebf0297aefd

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 12:15:54 GMT
server: nginx/1.24.0
age: 0
etag: W/"807393c85e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 111921

GET
H2 200 373395553_2231787380343493_14114856434070001_n.jpg
www.shorouknews.com/uploadedimages/Sections/Egypt/original/ 134 KB
134 KB 48ms
41ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Egypt/original/373395553_2231787380343493_14114856434070001_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

dd58f587d3bb29ed96c97a0fd863c19404a661bf8822e09476481d223bb8d03c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 12:13:07 GMT
server: nginx/1.24.0
age: 0
etag: W/"abf457a984e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 136824

GET
H2 200 354586452_796490198752480_1226040711385264162_n%20(1).jpg
www.shorouknews.com/uploadedimages/Other/original/ 42 KB
42 KB 86ms
80ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/354586452_796490198752480_1226040711385264162_n%20(1).jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8da6c5e84f051ff3fb31521e001ce23fd45a1ca28a16e95a8a086c68fddb2d46

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 15 Jun 2023 11:49:00 GMT
server: nginx/1.24.0
age: 0
etag: W/"ed1226607f9fd91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 43143

GET
H2 200 %d9%87%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%8...
www.shorouknews.com/uploadedimages/Other/original/ 40 KB
34 KB 85ms
79ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/%d9%87%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88.JPG

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d029ecc1123ab3702767fe7e49be9d65672930b71ea1ee746f3c474d66468f33

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 12:09:00 GMT
server: nginx/1.24.0
age: 8
etag: W/"15ecc81584e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
country
accept-ranges: bytes
content-length: 34671

GET
H2 200 %d9%85%d8%ac%d9%84%d8%b3%20%d8%a7%d9%84%d9%88%d8%b2%d8%b1%d8%a7%d8%a1%20%d8%a7%d9%84%d9%84%d8%a8%d9%86%d8%a7%d9%86%d9%8a2.jpg
www.shorouknews.com/uploadedimages/Box/original/ 116 KB
116 KB 46ms
40ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Box/original/%d9%85%d8%ac%d9%84%d8%b3%20%d8%a7%d9%84%d9%88%d8%b2%d8%b1%d8%a7%d8%a1%20%d8%a7%d9%84%d9%84%d8%a8%d9%86%d8%a7%d9%86%d9%8a2.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ab54e441d2fe5f8f5ff14217034a6b25022da83e32bf2b7d8ef9dbec2b1f2394

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 11:22:12 GMT
server: nginx/1.24.0
age: 0
etag: W/"f87e438c7de1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 118335

GET
H2 200 lonjow.jpg
www.shorouknews.com/uploadedimages/Sections/Politics/original/ 27 KB
27 KB 87ms
81ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Politics/original/lonjow.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1abd2953de50c7f7691d9f2386a8832f51605596024d0f2eb8f1a805599ad0b0

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 12 Nov 2019 13:42:41 GMT
server: nginx/1.24.0
age: 0
etag: W/"c4bd2be5f99d51:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 27377

GET
H2 200 20230113122716223.jpg
www.shorouknews.com/uploadedimages/Sections/Politics/original/ 23 KB
23 KB 87ms
82ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Politics/original/20230113122716223.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

d1fc9b94ce669399f92ad9521f661527b55c951e1939a286f3079c8d450c61ae

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Fri, 13 Jan 2023 14:51:02 GMT
server: nginx/1.24.0
age: 0
etag: W/"ae1eed745e27d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 23368

GET
H2 200 16843566213588.jpg
www.shorouknews.com/uploadedimages/Sections/Sports/original/ 89 KB
89 KB 85ms
80ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Sports/original/16843566213588.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

aae0b64917a810d217db3ce7d68b23c9d197f16b96dd5d1fc053e040bdba3da7

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 18 May 2023 10:41:03 GMT
server: nginx/1.24.0
age: 0
etag: W/"6ee6383e7589d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 90967

GET
H2 200 IMG_6590.jpeg
www.shorouknews.com/uploadedimages/Sections/Sports/original/ 113 KB
106 KB 87ms
81ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Sports/original/IMG_6590.jpeg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3fa599ee5ec87a675a1ccce6201c9630260fc38d925a6b37b2964f9c816854f6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 12:08:52 GMT
server: nginx/1.24.0
age: 0
etag: W/"ef36611184e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 108295

GET
H2 200 demerai-gray-ettifaq-2023.jpg
www.shorouknews.com/uploadedimages/Sections/Sports/original/ 82 KB
82 KB 85ms
80ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Sports/original/demerai-gray-ettifaq-2023.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

00e114934255d67927d6d13e1db9bf2cfe78e6110401acbceebb0dc4cd237e05

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 11:30:39 GMT
server: nginx/1.24.0
age: 0
etag: W/"beeab5ba7ee1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 83738

GET
H2 200 373411363_816701766803742_9117138643750995029_n.jpg
www.shorouknews.com/uploadedimages/Sections/ART/original/ 47 KB
47 KB 87ms
82ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/ART/original/373411363_816701766803742_9117138643750995029_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

523b2a5099ccbdc0f239da183b00972f247ad9b570aa83c01a1f1d4869abc471

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 12:08:14 GMT
server: nginx/1.24.0
age: 0
etag: W/"326aa5fa83e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 47844

GET
H2 200 %d9%85%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%8...
www.shorouknews.com/uploadedimages/Other/original/ 30 KB
24 KB 87ms
82ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/%d9%85%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88%d9%88.JPG

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

85f4c746eef70df9da26152d064ae1b13c099a1fdec9ba0161b0b4166c53eb29

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 11:30:03 GMT
server: nginx/1.24.0
age: 6
etag: W/"cea1bda47ee1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
country
accept-ranges: bytes
content-length: 23970

GET
H2 200 %d8%af%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8...
www.shorouknews.com/uploadedimages/Other/original/ 71 KB
64 KB 86ms
81ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/%d8%af%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a%d9%8a.JPG

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e6a19f2b2f817537d0f4421d2ce3a2b61db30daac4e20e55011db6229cef8431

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 11:13:07 GMT
server: nginx/1.24.0
age: 22
etag: W/"9b6b5a477ce1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
country
accept-ranges: bytes
content-length: 65601

GET
H2 200 373400073_313731717851012_6614597057708087246_n.jpg
www.shorouknews.com/uploadedimages/Sections/ART/original/ 44 KB
44 KB 86ms
81ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/ART/original/373400073_313731717851012_6614597057708087246_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3cf19029e63eb8105fafbe69427e00392de1db85caa6e93748dc66787f8e0f90

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 11:09:48 GMT
server: nginx/1.24.0
age: 0
etag: W/"d3fdad07be1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 44951

GET
H2 200 5f646af2-de03-43bb-b78c-f6bc7ca097e6.jpg
www.shorouknews.com/uploadedimages/Other/original/ 42 KB
43 KB 119ms
114ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/5f646af2-de03-43bb-b78c-f6bc7ca097e6.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6bb685d02a2098cf0e9b90d481a9d2a4bcc8480ade7419df07f8ded54010dde4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 12:04:29 GMT
server: nginx/1.24.0
age: 0
etag: W/"c04f337483e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 43295

GET
H2 200 13453299_p.jpeg
www.shorouknews.com/uploadedimages/Sections/Business/Communications/original/ 40 KB
40 KB 119ms
114ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Business/Communications/original/13453299_p.jpeg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

5dd3952f0609334bbab1db2ae628ece661849b6a9192856980cf4dbac34f387c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Sep 2023 11:47:32 GMT
server: nginx/1.24.0
age: 0
etag: W/"f0f88a1681e1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 40403

GET
H2 200 khaligyoun78635.jpg
www.shorouknews.com/uploadedimages/Sections/Business/Real%20Estate/original/ 47 KB
47 KB 119ms
114ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Business/Real%20Estate/original/khaligyoun78635.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

7b3d857f32d0032cf03b64c8f382e306d893d0bc0fcc48e90c5f80515fa31b91

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 07 Sep 2023 11:34:44 GMT
server: nginx/1.24.0
age: 0
etag: W/"1a44ad4c7fe1d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 47753

GET
H2 200 5645233123331123.jpg
www.shorouknews.com/uploadedimages/Other/original/ 13 KB
13 KB 119ms
114ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/5645233123331123.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6fd4ab688fbaa241d25046072002d960c8ec3bc500bb2e97a1a54d2bd8017960

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 04 Jun 2020 12:13:19 GMT
server: nginx/1.24.0
age: 0
etag: W/"db2e9288693ad61:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 12841

GET
H2 200 %d8%aa%d8%ac%d8%af%d9%8a%d8%af%20%d8%ad%d8%a8%d8%b3%20%d8%b4%d8%a7%d8%a8%20%d8%af%d9%87%d8%b3.jpg
www.shorouknews.com/uploadedimages/Other/original/ 10 KB
10 KB 119ms
115ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/%d8%aa%d8%ac%d8%af%d9%8a%d8%af%20%d8%ad%d8%a8%d8%b3%20%d8%b4%d8%a7%d8%a8%20%d8%af%d9%87%d8%b3.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

491edabe4afdd871a4f1c23014a5326f95bcaf805b4c720f66b31ca804807375

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sat, 12 Nov 2022 13:07:20 GMT
server: nginx/1.24.0
age: 0
etag: W/"9430eeb297f6d81:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 10144

GET
H2 200 6u6565u.jpg
www.shorouknews.com/uploadedimages/Sections/Egypt/Accidents/original/ 4 KB
4 KB 119ms
115ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Egypt/Accidents/original/6u6565u.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8231eabfa9417524cb9e88af68aa1b9963d276b91f2723bdf91682312bb0d63d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Mon, 06 Mar 2023 16:33:04 GMT
server: nginx/1.24.0
age: 0
etag: W/"c0fb2a534950d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 3632

GET
H2 200 355761234_149291541494490_57105109373579602450_n.jpg
www.shorouknews.com/uploadedimages/Sections/Politics/original/ 48 KB
48 KB 120ms
116ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/Politics/original/355761234_149291541494490_57105109373579602450_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

c7697385e686dce9519e77330f96d3cb0256e3d97df2da2d3acb3d8fd66f242f

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Mon, 03 Jul 2023 17:53:11 GMT
server: nginx/1.24.0
age: 0
etag: W/"db77c73bd7add91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 48956

GET
H2 200 %d8%a8%d8%b1%d9%86%d8%a7%d9%85%d8%ac%20%d9%83%d9%84%20%d8%a7%d9%84%d8%b2%d9%88%d8%a7%d9%8a%d8%a7.jpg
www.shorouknews.com/uploadedimages/Other/original/ 46 KB
47 KB 119ms
115ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Other/original/%d8%a8%d8%b1%d9%86%d8%a7%d9%85%d8%ac%20%d9%83%d9%84%20%d8%a7%d9%84%d8%b2%d9%88%d8%a7%d9%8a%d8%a7.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

38c5bd99832efee892e129a72341cd2b5bcbe081a39c02b4c6bfa9f225550380

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Wed, 06 Sep 2023 15:42:05 GMT
server: nginx/1.24.0
age: 0
etag: W/"d96deb0d8e0d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 47588

GET
H2 200 2018061809010212.jpg
www.shorouknews.com/uploadedimages/Sections/ART/original/ 12 KB
12 KB 119ms
115ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/ART/original/2018061809010212.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

9e3656c0835ee44467b18933acd5a790954e62a5c5419fb5342020cfd867cc6d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 11 May 2023 10:20:14 GMT
server: nginx/1.24.0
age: 0
etag: W/"b4c3a2df283d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 11987

GET
H2 200 375021223_3587348631534482_2946220711397110626_n.jpg
www.shorouknews.com/uploadedimages/Sections/ART/original/ 136 KB
137 KB 120ms
116ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/uploadedimages/Sections/ART/original/375021223_3587348631534482_2946220711397110626_n.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

6400744d65ae94eea5ea9a372fc2971c5be2f8a3c7ec2dd087fec1c2ba649600

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Wed, 06 Sep 2023 12:55:34 GMT
server: nginx/1.24.0
age: 0
etag: W/"fe9dc06cc1e0d91:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 139500

GET
H2 200 yellowArrow-l-ico.png
www.shorouknews.com/app_themes/images/ 1 KB
1 KB 119ms
115ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/yellowArrow-l-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

f336855e040cebd8d00280a3f1dca9167bea3034d743376945158c7001cd3878

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:32:36 GMT
server: nginx/1.24.0
age: 0
etag: W/"b5e7a29dbd29d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1145

GET
H2 200 yellowArrow-r-ico.png
www.shorouknews.com/app_themes/images/ 1 KB
1 KB 151ms
147ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/yellowArrow-r-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ff920d22e55dd958202f9c1a39b190362b98431fae92175cd348daa512cc735c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:32:42 GMT
server: nginx/1.24.0
age: 0
etag: W/"18a86ca1bd29d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1147

GET
H2 200 clip-ico.jpg
www.shorouknews.com/app_themes/images/ 2 KB
2 KB 119ms
115ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/clip-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

cc3b15cac66ed26df4ba8d4e879fffd3cfc0923ed28d42286ad638b901fe5890

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sun, 04 Jan 2015 15:53:06 GMT
server: nginx/1.24.0
age: 0
etag: W/"d3beee873628d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1628

GET
H2 200 wa-ico.jpg
www.shorouknews.com/app_themes/images/ 2 KB
2 KB 151ms
147ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/app_themes/images/wa-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0150ad56abb5b66588eed982945d3b824e676137ae9e305446d1728a20ae4c78

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sun, 04 Jan 2015 15:53:19 GMT
server: nginx/1.24.0
age: 0
etag: W/"298c838f3628d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1709

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
90 KB 90ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9K72S3WSDG

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30edd99531761e544ec4b9955e8ab713d16af5717adec2095a3529f08ff9bfb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 WebResource.axd Show response
www.shorouknews.com/ 23 KB
6 KB 40ms
35ms Script
application/x-javascript 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shorouknews.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZFtZUgMI1E_rwoVghMAvsACXKNmpWFECQJL7Q6CTt3QzOy331KrThrZob05ZBJxO9Q2&t=638240457260000000

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/news/vi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 02:35:26 GMT
server: nginx/1.24.0
age: 42
grace
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-frame-options: ALLOWALL
cache-control: public
country
accept-ranges: bytes
content-length: 6007
expires: Fri, 06 Sep 2024 00:34:45 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
29 KB 168ms
115ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f430b5d92342848589ebb394f723a255100382c15cc9e6ccc8773ae0e4b93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29061
x-xss-protection: 0
server: cafe
etag: 238 / 19607 / 31077625 / config-hash: 6414607385770146083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 69ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 12:23:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: Xm5FT4zODG71FnhUBhSSk6ATcyAEIPW9Dj24Y0HBVWR1Mtx0xjtetG9ZqpGPQoKg2TbhjYPT/uIt/Vq/FySejA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 761 B
791 B 79ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 12:19:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
658 B 79ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 12:16:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 112ms
63ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bd485c564564fdf0155995dbdb3406aff4524b2cdf47540544b34e95bf63ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 12:23:16 GMT
content-md5: KKKKJS4fr/rbbuxldcEGzw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: kCgO4bZC00dioSfz5y9YpYcze/6Afyh0lvqdVgBiR1/zRvS5cBpD0rK4+dlkDb2EcHYPK9nfFJQfAt7DkPdrrA==
x-fb-content-md5: 26d7e6b4be83c95413ceb5cc85e350f4
cross-origin-opener-policy: same-origin-allow-popups
etag: "d8ee4c1fc1b24d959c0ad458aa360e43"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:29:09 GMT

GET
H2 200 fb-ico.jpg
www.shorouknews.com/App_Themes/images/ 2 KB
2 KB 142ms
141ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/fb-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

b6658f07da282778e5b670a1315457f5974886a602de247195e0a1b3b5ae2aea

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:26:32 GMT
server: nginx/1.24.0
age: 0
etag: W/"dc89ac4bc29d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1707

GET
H2 200 tw-ico.jpg
www.shorouknews.com/App_Themes/images/ 2 KB
2 KB 142ms
142ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/tw-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

26b1cdbb05006595e63a60ce7907c0bcf8967830ad6cc2c46216386477f4197e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:26:32 GMT
server: nginx/1.24.0
age: 0
etag: W/"c3e1c6c4bc29d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1724

GET
H2 200 yt-ico.jpg
www.shorouknews.com/App_Themes/images/ 2 KB
2 KB 142ms
142ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/yt-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e04ee4133b6bc79c999130679625df1d891c439b9c6d17fbf37f698a814f02ac

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:26:32 GMT
server: nginx/1.24.0
age: 0
etag: W/"aeb0e7c4bc29d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1759

GET
H2 200 ios-ico.png
www.shorouknews.com/App_Themes/images/ 17 KB
18 KB 143ms
142ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/ios-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

f52f5e64f656100a9fbb4383bd4c9085a03ecb7f681c741eb067b8b03c307b6a

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 23 May 2019 11:56:30 GMT
server: nginx/1.24.0
age: 0
etag: W/"02bf08e5e11d51:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 17667

GET
H2 200 android-ico.png
www.shorouknews.com/App_Themes/images/ 17 KB
18 KB 142ms
142ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/android-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

c9d78f2b64adba633b19c424ec7c7a8c4a6fc7377a08b8b1a14d69660d1e12a1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 23 May 2019 11:56:30 GMT
server: nginx/1.24.0
age: 0
etag: W/"02bf08e5e11d51:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 17717

GET
H2 200 search-btn.png
www.shorouknews.com/App_Themes/images/ 1 KB
1 KB 142ms
142ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/search-btn.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

73e841a9b46ca6b96e6bab501c7a44f079a2a0ce1c875e66fb3b6e67aa9a41d4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 06 Jan 2015 14:50:45 GMT
server: nginx/1.24.0
age: 0
etag: W/"e361eb26c029d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1264

GET
H2 200 ticker-ico.png
www.shorouknews.com/App_Themes/images/ 2 KB
3 KB 142ms
141ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/ticker-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

2219ef2c7fdc0eebd87e483c3dc31a09be1f695209e119866767a757ad72f789

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 01 Jan 2015 13:01:11 GMT
server: nginx/1.24.0
age: 0
etag: W/"e5516e4c325d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 2358

GET
H2 200 pdf-ico.png
www.shorouknews.com/App_Themes/images/ 2 KB
2 KB 142ms
141ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/pdf-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0c2ff9cfc2dc77d7757fcbc0228a4b87cbadd0c6e2f761477775068a4ddf027d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Thu, 01 Jan 2015 11:42:03 GMT
server: nginx/1.24.0
age: 0
etag: W/"b6b21bf6b725d01:0"
grace
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes

GET
H2 200 lightGreyArrow.png
www.shorouknews.com/App_Themes/images/ 1 KB
1 KB 141ms
141ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/lightGreyArrow.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

026615d6f2231314db99189a4926886f7463a1b5a89f4f05dc8f6161b971a111

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Mon, 12 Jan 2015 14:38:26 GMT
server: nginx/1.24.0
age: 0
etag: W/"5a87146d752ed01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1147

GET
H2 200 content-bg.jpg
www.shorouknews.com/App_Themes/images/ 1 KB
1 KB 142ms
141ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/content-bg.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

57b70aa592d7b273a6a489631d8f535c7846fd96ce76e697c73c40e587cb596e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sun, 04 Jan 2015 15:06:55 GMT
server: nginx/1.24.0
age: 0
etag: W/"69a6f9133028d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1242

GET
H2 200 error-ico.jpg
www.shorouknews.com/App_Themes/Images/ 3 KB
4 KB 141ms
141ms Image
image/jpeg 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/Images/error-ico.jpg

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ea28d5d82a36f530a0cab70e8adbfcf8f7e17dfc60a26c3906b79e3a8534b26d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Mon, 02 Mar 2015 12:41:14 GMT
server: nginx/1.24.0
age: 0
etag: W/"59e672be654d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 3445

GET
H2 200 red-bullet.png
www.shorouknews.com/App_Themes/images/ 972 B
1 KB 141ms
140ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/red-bullet.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8f473159cb80b9d27f5760e5ad8964fc283138c3ac8f0c0416c105f8b2cbc13c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sun, 04 Jan 2015 11:01:01 GMT
server: nginx/1.24.0
age: 0
etag: W/"fb10eab9d28d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 972

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/Font/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Origin: https://www.shorouknews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 20:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31147
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 20:21:00 GMT

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 90ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/Font/droidarabickufi.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Origin: https://www.shorouknews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 18:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31448
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 18:06:09 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 377 KB
128 KB 139ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1174047515069954&plah=www.shorouknews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1174047515069954

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e809e056ef87dcf46f7ec71b703fccd8f337bd5a2c96762dbe31586f70f792a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131262
x-xss-protection: 0
server: cafe
etag: 13096061099053047136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 5BA0 10 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1174047515069954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:04 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 blueArrow-l-ico.png
www.shorouknews.com/App_Themes/images/ 1 KB
1 KB 64ms
64ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/blueArrow-l-ico.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

4a27b3b75d33ce32d3ce802326b92da13862557b5cdb1fe4299b24ab04d9e89b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Sun, 26 Apr 2015 15:22:51 GMT
server: nginx/1.24.0
age: 0
etag: W/"8c9eedc3480d01:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 1064

GET
H2 200 config Show response
recommendation.speakol.com/api/v2.1/recommendation/ 7 KB
2 KB 185ms
118ms Fetch
application/json 13.225.78.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendation.speakol.com/api/v2.1/recommendation/config?wids=wi-1090&uid=undefined&rid=&ref=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-27.fra2.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: e80390246ffdcc7dbbe4c7a449da23eb4fdac14ecd5252019d33dd5897df1d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
server: nginx/1.21.6
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.shorouknews.com
x-cache: Miss from cloudfront
access-control-expose-headers: Content-Length
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Set-Cookie, Cookie, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
x-amz-cf-id: y-30Xi5rsIVQyiQ5pcYcqx44RQu6dVkHQuF7CH24g9fLAMTKTh8z6Q==

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 309 KB
87 KB 45ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=21abde63d8051ebae36221fcb4eb8d95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41ffa9c02231fabd30f48330bfdf6c38c74f90a75e0567e2f70525bc992c6225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.shorouknews.com/
Origin: https://www.shorouknews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Sep 2023 12:23:16 GMT
content-md5: /QJF7rNqyJNKsvH5ja6ghQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89205
x-fb-debug: CnGzJbpZo2kk1mObfNk0HuAww94fCs9OZs3CHD/Q43JWmASBrjXq7Lwb3xTp3lbNcBSDdidAkOPlILx1DkLvGQ==
x-fb-content-md5: e304239b2a56d5fc641c6d29db54a129
cross-origin-opener-policy: same-origin-allow-popups
etag: "1cf61a52ac854a8d31a64e67749752bf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Sep 2024 10:57:50 GMT

GET
H2 200 2392364917476331 Show response
connect.facebook.net/signals/config/ 149 KB
39 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2392364917476331?v=2.9.125&r=stable&domain=www.shorouknews.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6921c3d43a6214feb22f72bf0b393dbd8d99005d2225e296b6070362035b335c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Sep 2023 12:23:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39063
x-xss-protection: 0
pragma: public
x-fb-debug: 1SSIxinDgpxpukx+wyzfi56sPdOGDFgyFyt1U2dh1r+nZNX92Axisf4bkDv8Gg89C6Cg6yvBdA/LaP+sGg7jcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 68ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2392364917476331&ev=PageView&dl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&rl=&if=false&ts=1694089396400&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1694089396398.1568210017&cs_est=true&it=1694089396323&coo=false&rqm=GET

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Sep 2023 12:23:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 89ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9K72S3WSDG&_ono=1&gtm=45je38u0&_p=725020562&_gaz=1&cid=1065299618.1694089396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694089396&sct=1&seg=0&dl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&dt=%D8%AE%D8%B7%D8%A3%20-%20%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K72S3WSDG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 86ms
28ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-9K72S3WSDG&cid=1065299618.1694089396&gtm=45je38u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K72S3WSDG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 107ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-9K72S3WSDG&cid=1065299618.1694089396&gtm=45je38u0&aip=1&z=1756069113

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 403 KB
127 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 11:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4886
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129723
x-xss-protection: 0
server: cafe
etag: 14901160554504536944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Sep 2024 11:01:50 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 230 KB
84 KB 106ms
33ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: cdn.speakol.com
URL: https://cdn.speakol.com/widget/js/speakol-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2a4113631407ab619ed2d9096675d776ed798768b591d8004e56476ebeac4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 13:05:22 GMT
etag: "13-ZUdYv+6hr+jKxY616YG9VnKE+GY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 1eb8dc77dbf262eb3d784e6908f03fa5
timing-allow-origin: *, *
content-length: 85180
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 76ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.shorouknews.com&callback=_gfp_s_&client=ca-pub-1174047515069954

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1174047515069954&plah=www.shorouknews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f6fb56bd709cade520d9c1f320ac0c5a67f5e780a36492e3e173d24fee57cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7264 51 KB
18 KB 260ms
259ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1174047515069954&output=html&adk=1812271804&adf=3025194257&lmt=1694082196&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C128x540_r&format=0x0&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396235&bpp=4&bdt=188&idt=299&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1081315676937&frm=20&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C20222282&oid=2&pvsid=4326161687128848&tmod=116068969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c35a334a5be4d552f3c1f76eb94c1dea8503310f260a74138a4db3c86ecf00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:16 GMT
expires: Thu, 07 Sep 2023 12:23:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 84ms
83ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4326161687128848&correlator=1758612313554293&eid=31077366%2C31077625%2C31077231%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=12740106%2CAll_Sections_Leaderboard_Top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694089396600&lmt=1694082196&adxs=305&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&vis=1&psz=728x90&msz=728x-1&fws=0&ohw=0&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=true&dlt=1694089396047&idt=523&adks=189150624&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bb5751420eb2c2a03ae203bbedaf76fc3f11d5bbc894733ca79bc6c5e135fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24174
x-xss-protection: 0
google-lineitem-id: 6370573188
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445635181
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
21 KB 65ms
64ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4326161687128848&correlator=1758612313554293&eid=31077366%2C31077625%2C31077231%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=12740106%2CAll_Sections_Popup_780x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=780x400&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694089396609&lmt=1694082196&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&vis=1&psz=780x400&msz=0x-1&fws=128&ohw=0&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=true&dlt=1694089396047&idt=523&adks=743862113&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a37a40f301678ad1af42f250ba66ab3e3e752346c0f9f9481a9bc61757881f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20838
x-xss-protection: 0
google-lineitem-id: 6373408025
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444874025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
23 KB 74ms
74ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4326161687128848&correlator=1758612313554293&eid=31077366%2C31077625%2C31077231%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=12740106%2CAll_Sections_Left_Wide_Skyscraper_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694089396612&lmt=1694082196&adxs=135&adys=252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&vis=1&psz=160x600&msz=160x-1&fws=0&ohw=0&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=true&dlt=1694089396047&idt=523&adks=776233071&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df568d08d7bdb22aaa1d263dd2eb955a617ed6b2cf7cb81758401e470c711cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23646
x-xss-protection: 0
google-lineitem-id: 6339919621
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138438413885
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 87ms
87ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4326161687128848&correlator=1758612313554293&eid=31077366%2C31077625%2C31077231%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=12740106%2CAll_Sections_Right_Wide_Skyscraper_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694089396614&lmt=1694082196&adxs=1305&adys=252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&vis=1&psz=160x600&msz=160x-1&fws=0&ohw=0&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=true&dlt=1694089396047&idt=523&adks=2368201745&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac96eaff1b1f7a4928d80a5e71651098743775f719a9a3cf89fcc98fe408dfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24227
x-xss-protection: 0
google-lineitem-id: 6349499977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440658274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 91ms
91ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4326161687128848&correlator=1758612313554293&eid=31077366%2C31077625%2C31077231%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=12740106%2CHome_bottom_custom_570x300&enc_prev_ius=%2F0%2F1&prev_iu_szs=570x300&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694089396616&lmt=1694082196&adxs=594&adys=590&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&vis=1&psz=728x300&msz=570x-1&fws=0&ohw=0&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=725020562&ga_fc=true&dlt=1694089396047&idt=523&adks=3400532879&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad6fae696039cb36e2f95b4fd1b7527813e0662dee100593a5066dd8197885b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11910
x-xss-protection: 0
google-lineitem-id: 407646026
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138228017235
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64BD 6 KB
3 KB 91ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:16 GMT
expires: Fri, 06 Sep 2024 12:23:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK d3d3LnNob3JvdWtuZXdzLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 282ms
68ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnNob3JvdWtuZXdzLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 12:23:16 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3424
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 303b26a4528bf87c50bd49473f16f094
Content-Length: 16
Expires: Thu, 07 Sep 2023 13:20:20 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 34ms
33ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Sat, 07 Oct 2023 12:23:16 GMT
date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE4 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqjV3lTOx5keZ8Izg0-5J_ryx0Fkhs34yr5D17rKEeS1Cm3yXIVEDOWz7yqABwnmP8iMJ1DgZ2vfRrHh1g6IsNdeBqKSJZrX6ciRENRsQMHA2R5HgdGcWddWPcwLfsr4uDx30D-uIDBqR8MV7pYQlae0xcCQlerceBe8vIpwyZ3wgJubAFfLzo_Yah3Nb9CxSbv0fHPBIVqQjXO0H19iew1H2DDaVL6o87HL8wOj5mvh82iO0qHvoJjDl4a0UGUuG_LCZjvNCUjpNknhSonvD2ocXYHeqYATiH9RbbUbCm16YDH9Y7HD5xuH2EgJEfYn69Oh7uAN6bY3f_LDTiYmm31VS-wUU&sai=AMfl-YTH5NnNbFGJhZ3OfVb4i-WY8MyhfOfFM_AcwPpz3T3DwB_ZU5k13rZYEGrkPLI4K9ECxPTKZRsVU_WYuvl7q-MVupcL8QaY4LF3sBdKusH-CvyQkQHjwu8pEGFrrRo3J42HhnhjSLIGzEnw3aDO&sig=Cg0ArKJSzNrkvpj8u5c6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 4EE4 23 KB
9 KB 198ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 4EE4 3 KB
1 KB 201ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EE4 181 KB
57 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 7611880993875442284
tpc.googlesyndication.com/simgad/ Frame 4EE4 267 KB
267 KB 237ms
63ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7611880993875442284

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376d8059a15f6e8a2be5335937058586ef67f249e6f3b94e2b15bf573bdec1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 11:52:17 GMT
x-content-type-options: nosniff
age: 1859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273524
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 11:50:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Sep 2024 11:52:17 GMT

GET
H2 200 x.png
www.shorouknews.com/App_Themes/images/ 299 B
555 B 37ms
36ms Image
image/png 62.67.203.100
LUMEN-LEGACY-L3-C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shorouknews.com/App_Themes/images/x.png

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.67.203.100 Hürth, Germany, ASN10753 (LUMEN-LEGACY-L3-CUSTOMER-SHARED-USE, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

4a983642d8c653b846e79697e1e11335074903d724f8ba732f9ecf3f6a1e7893

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/App_Themes/Site_Blue/main25.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
last-modified: Tue, 04 Nov 2014 12:12:47 GMT
server: nginx/1.24.0
x-cacheable: NO:Got Session
age: 0
etag: W/"939d96a528f8cf1:0"
grace
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
x-frame-options: ALLOWALL
cache-control: max-age=345600
country
accept-ranges: bytes
content-length: 299

GET
DATA 200
OK truncated
/ Frame 4EE4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 903f6e82d15f3fa8988b8aa4ce6ffeb7f3e655c37ffec02b27d4c4f7fc6bc2c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9K72S3WSDG&_ono=1&gtm=45je38u0&_p=725020562&cid=1065299618.1694089396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694089396&sct=1&seg=0&dl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&dt=%D8%AE%D8%B7%D8%A3%20-%20%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82&en=scroll&epn.percent_scrolled=90&_et=15
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K72S3WSDG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D936 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl3AjgVCUiDabotOBEjWk6xkpATzqefpORhHWpxXnsb0HRqaCqxBeCJLfVSKqQVN-J09VZc7D1upGWxyS_GFMel4ZDSZac0Z60PRi9Dx4wpdlpdkfQbwwA_Jepx1bo7mWQwtXZccuajsWDXsEG1o_bRrXsLPAivOEAX77T0jljcz5J2zXMWdE44Y_VC5RC9N7cRolPt-TMEb2WE78JSmQ5CayGBTVTyU1UiQ_olxaYkF-epdX3GSCUTnwMc0bQh-mGpU-VFBnjOXU7q2Y7bK7RTs1LYcCeVTfqBIbF8bLA1CzR_1ZLC4smOXbBzjQWGksh1aYJiqheOqpfq8r31e-akyX3-k97ca4ARIbtZHik7H1K8o5XDLXD&sai=AMfl-YS5yAJMiU_QAZteqIBVmPUmNzy0Q_NMDns7I2lrNLym6NlugE3DRE-CoSO9TscDgzd79RnhWFfx8nN7CCA&sig=Cg0ArKJSzBiKDV8ajizZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame D936 23 KB
9 KB 179ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D936 3 KB
1 KB 190ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D936 181 KB
57 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 14956657013449967125
tpc.googlesyndication.com/simgad/ Frame D936 147 KB
147 KB 223ms
71ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14956657013449967125

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e57f2c259f8fcaf8f78a6059cec492159810885a719b473f906f73b81640931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 12:02:46 GMT
x-content-type-options: nosniff
age: 433230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150443
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 13:29:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 12:02:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 726B 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_UNweBctFJZfE1CZDXDDghmNh5y0LTeWvxt_VeDvkKZZe0fn_EKmS_daPtgaRbxAOQqc1wHwUEjCk58mRGNDtV4UkM_DpNFuS-lEdLmQcqt__zsoKYo6lxm2Vz4CViSdX2eyz9ezdQjQ_vc8LW9byj-VKg_HpazO8QvKyodDVDcoF0kcZL2Az0XPmzSRICQ6ePE6puYmRgWf7pYqsFYZ_o6zD_o6_9Ptj2DxmVCIG9hkFh4qqwaiHDYNVAiS2QexS7-nDn65WIJMaQy2iCEr6qh0g0ZBS7M2bBJTMEzUbkCheT_Vo1m_aYZI6VK-CtHk4V7Czaw5EL1u4h6fg9rhK7MaUadUUK3eiWbnkEocRZmM&sai=AMfl-YQDRJ8fU7BROgaxzQsw7eGHxGzAVLjkK4a_TdTZ8-erW8RyrFqomaKvzCCjv0RNmEaeb2B6L8b_omNBqWK8fOEPn0Vq3G6ve8N70_o2LAoXxD58V0Gi4AQH5OAXTmN_l5e21gtq3GvYHg6qwiI&sig=Cg0ArKJSzFkRJxf0S7x5EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 726B 23 KB
9 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 726B 3 KB
1 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 726B 181 KB
57 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 754016697899297085
tpc.googlesyndication.com/simgad/ Frame 726B 34 KB
34 KB 152ms
53ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/754016697899297085

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6b0dc1452c13a10ef6d0abf2412cda050c2fe0b9292a631fcd21f92219cc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 19:15:34 GMT
x-content-type-options: nosniff
age: 493662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34601
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 18:27:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Aug 2024 19:15:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46C1 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdFoe8K_gYJqTgwjKcVa1R12yuWKkfrzFbXv8UzIDLJ2KCO5Z9re1qcY-huRa3NikG7n_jdHNib7pJhGWgXvDUrGAxtuhDjqiv2dImoNxd1SWzzyup3rIxVbKWWpvNksCIkgooJJAej5BNfQFmht5GA-9sxrt81LmlOsn2fgJ8Iq5xSfNx4GkF1ImF1vkRBHZF-zF13u77uBVMLmkSiVruDnrtpz54V5AQoKW4pddxbP631SFQK49PPkkLRA6OUCXObDQWLDri50YlTqkl2tszXoRk4gYvcVGAOQ9s-ZJYPPdQvJgKHgLaRuGvU0l0lZW4QZZWy3Hk38GONnnGNhAKS66mgkER7UX1zs5qepFDg0XmSAH67p2mHw&sai=AMfl-YTMB2SNPN-Clg9XFkjQNssmVm151rSDNXunHqyW_hZnmuRcIQ1E2K56TssNHMeHnep7WMaBxwShlT6-23UvngGJi3-LwDr9ZgkBIdhf1ZjFurmsc7B3lYvQkm7evqAkT1teVsI4e6FOLbn3ZoQ&sig=Cg0ArKJSzLS5RRLmteJFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 46C1 23 KB
9 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 46C1 3 KB
1 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46C1 181 KB
56 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 14334739489118812232
tpc.googlesyndication.com/simgad/ Frame 46C1 138 KB
139 KB 137ms
38ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14334739489118812232

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59116f4edd0b707259f960c7364f2dcba84d24f1a339d4e75e71e96d2d8a4f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:37:59 GMT
x-content-type-options: nosniff
age: 427517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141716
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 12:27:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 13:37:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8BC 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfVjEvkr5-jAU7oMqsrtr6Aogic7Gv6LahSK9gb5aibp9lUX1OxEdLfne2VhOwUdMNPD3w4xpDUNlPwCYvZrXBmcCkNIJPo13IVJiarKSOvoFEg7Duu5YxQTDDw5NMBK6iDnLxR43X5lvLJ5jWpZ3_eBXkGToyekE7K7BFnaJ0l6BDdLYrXlCvMQdeTeFhdgGHFv9xoxbnrYUxpbbob4cAeriD_tI7HkeXZnusdsILe_h_vz6VYCYuBqzxDihdL6HlcExVfG9WZ3tYT79FleZi6oqrK1mTQwQaZ394eSKeU1xAljdIMPIOGjI9frGQjmSK8IlSGtcvJnIASG8_n04qoh4mSJo&sai=AMfl-YQ9dKUOWuupT8ONgIxO-U0JOjgSQ89BhhF1OD_u7Y0cWM5Df1sj6kwfperniSbUOkegjH1FeaTRe_M_km-aQbYYbU1JdBQd-E1xp6PfQ2fA_ezYg3IzKzv2EAEpBVLHtSD3cBEtcoxmp5kGMsk&sig=Cg0ArKJSzO0xKUUd8TcaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C8BC 18 KB
8 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a54f0cd19d664daef6cf1f12ed80eb582690e513fbd7d09543c5edc5cea787c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7897
x-xss-protection: 0
server: cafe
etag: 5491377319152348988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8BC 181 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
DATA 200
OK truncated
/ Frame D936 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcad982f3c5aa7614f7df43719048244c010c28e8545bd16670c4368758ce91c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 726B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3637ae88eb464dd3a0c071b0fe6d96130819cfecebb04a3fcaeb7bc97a32dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 46C1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c4b2d72abe9900c6780846b6bc8da01943b712cec36ead1c5e67790d363506

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ 33 KB
11 KB 387ms
329ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&idx=0&rand=9052&widgetJSId=AR_1&va=true&et=true&format=html&extid=shorouknews.com&px=320&py=509&vpd=0&cw=960&settings=true&recs=true&key=SPEAK2H9C67HIF28375NI40JN&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010443&sig=qkoHZNhl&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c4c69be05f695c8e3117c12979023fe9f01e0b620d2868241c354a8435ba880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1694089397.938410,VS0,VE308
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21980-LGA, cache-fra-eddf8230055-FRA
x-traceid: bb3f9e92e06187b8da82dc7451d8e9eb
accept-ranges: bytes
content-length: 10845
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 154 KB
52 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d02ca303a2e48be3d9bbe8a8268c744df1394ff5c942ef391eba12ce0ffc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53640
x-xss-protection: 0
server: cafe
etag: 1760053222808974713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C8BC 147 KB
50 KB 146ms
146ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4394593b12c14b2e2509d19b31bbe836231ebdd49f4d001f73ca597ad47a3ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50800
x-xss-protection: 0
server: cafe
etag: 12531613627669370315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 20ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2392364917476331&ev=Microdata&dl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&rl=&if=false&ts=1694089396902&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5Cn%20%20%20%20%20%20%20%20%D8%AE%D8%B7%D8%A3%20-%20%5Cn%20%20%20%20%20%20%20%20%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.shorouknews.com%2Fapp_themes%2Fimages%2Flogo-share.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22390%22%2C%22og%3Aimage%3Aheight%22%3A%22275%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1694089396398.1568210017&it=1694089396323&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Sep 2023 12:23:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame C8BC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ae937cc99ba9a3b750df97d196f0379db9802942bda00626ebaacbc19bbd964

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 489ms
119ms XHR
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1694089396958&sessionId=48cc0985-c1ce-8885-1425-a2fb754074b6&url=www.shorouknews.com&cheqSource=1&cheqEvent=3&responseTime=287
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 12:23:17 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: caa8453951c6cd20a490ffdaa28751ec
Content-Length: 4
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 726B 0
0 98ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJlstwpljwRmZfX5zvBmPRTKBd42pDyGuiTjgfvOlwOb6eF3RKpJx8DZT1mRhqy8pJ3np2-eeFVSidXjP8ektMEeltKW6EgSmWp6SRiLxfn7wFSiet_NUwAJjGTOnWhy5uxabsPE4Jx9jG_u33ghAxuGoVd2HPBoOGsfuQs91LzKjRjfLbE7fiLeBgKHsm8xsFjJ7poFBRVNwx3zHVZTwqdzBcZi-kr3My2rBonHrcQyziK6HBM-sMxrjIlatJJgbaxQC6SNOS19kQ3JvVtIp6Vu9rsalnYFeSG9xUD21BkVNAyv2phpk0a7gfPXVqrlCuJfyD-f41EKRcZEtWWO2nTVRTSqOf9kqLnWOC1gKs-JcttQ&sai=AMfl-YTEWfAnMfD76cVyH-UI6ezCuRLP9_VZe5BHotFVVSH4nGrAK2RJm7WbXh6z2MjneRFFYKQ3SIHW42y6uJBFdjk4tJ5DdbdBbqJjnPgBU_3fPsBtWWqaTLnSxo-syVdVVqAvBy4-YKTeBUGgn5M&sig=Cg0ArKJSzC1mRHT3yXZxEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46C1 0
0 77ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr6JARmRnfAdHk49TdHry3K6Z3oKLY9ku76pIJReC83KCqspRTs0tdtUUxCiS1W3IpuCDc1f1rbwR2SHqYKm4fOUJX0kBeKJziGFkCE_dwNuUpFlxQs4AKdCxrdlbn6pJ9xD9BZQ92uuzMV_KkpCLQ0yWWX8oYQ0q0Q2GSkLTok4lLB-SmWpHJMwbMqpteBo1I86sGAlmqIxk7fhTByea_YeJcpUb1DB6W_FVZyiLIWgV6tuxZ4EN8OJO0Bf1OiYSWhbaVRizckLLbJIqP_lGCkhDz3oT8LoAc9Ry6GiQTTPzAUXAGl7fn5eq0e-JpQF_TZNwZbuHzL_X6RNLH7JP8x_U8rdtuaYbZ5aNKI3W9looK4xEpDygxAFqD&sai=AMfl-YTxd4wx46HGIp_tT9Y9z_iq-dleA2ZCILhblQqmlwdp3CBQqRRLVCI6IZVDKyIzUNHEIpKhNtyHRoSQWiAJ_tD9jtQ4N8vT6ETwbFMi9AIOdNazDJwI56bMda8rElJF9CCtKa7djUKGeRUFwdY&sig=Cg0ArKJSzEim2mot9CQOEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D936 0
0 72ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZEkeMM32E3qxhL1dgimjbXszxWtvK0XGycnQkGizb3vVHgJ3mq54Cy8RJGcYiXzwK3yUJDoNYu-oyGhFDPEfhFQiqweQ4I_5LjkXi1LU-S8ODg74H2hN0yKKMBjFR0mPrPs8GW9lNEme9LYC4KZHHhYfJhhDbiJLFG7XdG7Pmj6wOXRgI1PV4-TgqY1JLJ5ObApzxL2xOFewyww7MFQCfAAYeUjp5ebQt7T_xHKI73wXww-DBb0IiB-iiFo-js8Q8CQaiCgG8ggSNKhz3ckZiwFiTpLkNkJffv6W9aw_VYexTwMt_di_PhrpNxJAPnzUYaP9AEhaeL1dVMZPSDEaDB9CvZIhgX68bVf3DOZ04DzWt0gFGiCF8BJo&sai=AMfl-YSogcWeiSFDK-G5saCG1ehHzEACInKJT4Qv2634XAhIymxnxJ8xQvY7eVm_9rpeqSoTOa7mW7cUvOkSJiA&sig=Cg0ArKJSzBb9GfN_gBdcEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4EE4 0
0 67ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHIZ0qcUXdoSmpeVqbYPyW-XkXLLVNjYCcUnsmIJAMtvO7k9K73xZx3Onq4bIdk6a1Lokq8XDQWK7ud8Tkmru0fx87vIQIBbDmtqZ0z9xBTGR-bICjFs2I4lRRN-r479hYf0_AyEgqIN-7KVFgGIgZQZZ5rwmdXjcyb46ufuXcqUVFVJ1GDBH3Tq20_Tm2yXwrbP_BIvqPetn_O8d3ebxOl3iLgoIg0feu_EUC_l_ca2YIWooOyQyLl-6v69Y6kWh5zhbJBsjVgrJz8jkvM5mp4SahuC9jq1-6QpWmNZIVSHODk51HlfMeS2NFlIAO-C6KU3q1-7DHdwKt0I0kl5oRK6IqJHR95A&sai=AMfl-YSj4pVK6pxNsuTctwmqh8_-ljIaRwhNh09Ucu7VvvvSYK4bIbBzerNNTrsbbY6thHf4_WWnlBpBLEaI0ySi1yEMjp3dohTZqRMWkfRbngBd-v3GcrXge-ouv30Cbbp3t9bWXyLesFc0dYFvodNn&sig=Cg0ArKJSzP86u1AL7iq8EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame D584 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:10 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4D2D 240 KB
63 KB 253ms
103ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPnAtAAI_7YGUIrnAAXGM5s8QDthi15PA79AWQ&u=%7C66nep6hrVC8S%2Fou5FleJTwdSMnOfMRBZsIAGb7MN7tY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSiOYR2qt810N5CH3Ad7-snFC_qOjpF2ownXrqz-UZWKRxQW1jMWJbVWjI-BvxNJARo6OrtDBw7BG1Z116tiUm7_HXdJ6ovCvohMtoJQXLMWeWDlpKCL3RwGIE4-GyD4uzOk3db0ycGULt-TGK8y7t392dmvB0g86Bw4gfpyBqHfyKS1qSIy0oKIyjd9n6k4O_tnCyvVFZT44wbap9wyVfvsbInfOTdNEcIkWR9TTo79s90KrnOEYoPm7-lT2JntD019Lo3A_f1rSZCjk4WSWPTkOrKQ7QLH0GS2hgOVMjKpdcKDwNNGkZdgqakWzHNT0t2XPGVIi5guHCz-rJk5K8ZAO1pc9OXTOqBm5vMMlIBSj5sVf-KMqj3eoiTGv6KwGbcU-m72xELpk8su-B9AM4L0jMrdkmvR5aTKB2u2blrIRj0_x6yG9QAtfXtatzyrf_AKCyLqybjXQJYwjLmAz0oISotRGaPEMIKY6pDNrKUcpZt_b_djQZ-AaAHStLq6tR29su2TA4e8aJGgRXw2fBQpE8PA_v0YCKpJ3RKj4YxrBQbWhv5D9ty8TlPzxgvRwnSS8d67Ni7X3DV7A88brhPWb3MSxC3wWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr2LctMD5ZLb_I-eVwuIPs4yX6A3JntKxXPWR3r6xAcCNtwEQASAAYJWy-IGUB4IBF2NhLXB1Yi0xMTc0MDQ3NTE1MDY5OTU0yAEJqQI0K1zvLPmxPqgDAcgDAqoE_QFP0MQRZJgB1Pfj1lKGSfd4dLs8B6Rq6FxhpeHzEUazCZXmNeKSqAiPpyhZUu4JCyB1Az0wY664Kthpyz3FYWEjnelcqlghadFikCQ1e0aHxS7SnPF9xAHl1VBWBEHbZcR-PexBj8RjJ7R5TStT5ri4Ju7PwFkrr1W_ns8FlI0nmQTWBblNlhjiHxN8JTkclZxZ6i51hu4iG68DbNWAjaWMgmXhF3_cLOTgN171tw3ZSH77i4lbhaswZfI8hXfax9Ksd9Md8luKTEZ4U8BUM4rsltzeRBPk3XRzkxdtdQF-Yj52RTDjkaJomof0MS7ZSbBDGQAD_FZ1C1XqLF5EgAad_pq3vsboiZgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1B0zO2vuZcNDmJMbOCxviKhmEXwQ%26client%3Dca-pub-1174047515069954%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c65245f3da4f90a4780278af1a8e303b572e2eccd4f0a1f5b77ba85b4e72e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:16 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Nx2vR5TqNyafde-LuUmp7-FibmvvgypKAom9LmBpF5m_UKy09KOdoaga2M8YXCqaQQjTmW4ryFChq4eJKWf-57dEIsYiMYP9_ory5j_xbT-0QUFxH1B0koOn_6eK7VjHPS8_HOX5oQbXDHVmCt1BxJjs6b9wfAYkMVAfELFpFDnlDDw1s5K8B-XDNEaQctxY0Ikllz8vnazMP0VphOk-b5y7IIqy0aig5WT5yYOJc-XwHrSVRkPnJQj6euRbt33Bq2tiSA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65486493
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D584 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D584 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D584 181 KB
56 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame C8BC 377 KB
128 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2650755364999156&plah=www.shorouknews.com&bust=31077641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2f514deb2e4dc548bb75b3bb4955e5240cdccc22d79dd0994f8763d2d48c912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131261
x-xss-protection: 0
server: cafe
etag: 2142265975572937400
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
DATA 200
OK truncated
/ Frame D584 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ea5aa77223af76a2c99284380cb93db9be1b5d21b39abe78e180e0b5f342a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D584 0
19 B 62ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEw_stMD5ZLb_I-eVwuIPs4yX6A3JntKxXPWR3r6xAcCNtwEQASAAYJWy-IGUB4IBF2NhLXB1Yi0xMTc0MDQ3NTE1MDY5OTU0yAEJqQI0K1zvLPmxPqgDAcgDAqoE-gFP0MQRZJgB1Pfj1lKGSfd4dLs8B6Rq6FxhpeHzEUazCZXmNeKSqAiPpyhZUu4JCyB1Az0wY664Kthpyz3FYWEjnelcqlghadFikCQ1e0aHxS7SnPF9xAHl1VBWBEHbZcR-PexBj8RjJ7R5TStT5ri4Ju7PwFkrr1W_ns8FlI0nmQTWBblNlhjiHxN8JTkclZxZ6i51hu4iG68DbNWAjaWMgmXhF3_cLOTgN171tw3ZSH77i4lbhaswZfI8hXfax9Ksd9Md8luKTEZ4U8BUM4rsltzeRFHm_ObzAMdQ09FZuLJWrJTttqjekKnss5oRdBaxph4v5M6_n3UDgAad_pq3vsboiZgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExNzQwNDc1MTUwNjk5NTQYAA&sigh=_9G6DHrDu-w&uach_m=[UACH]&cid=CAQSGwBpAlJWDqqOXDVh0J5JVr2fER8M-Hlxh9bVbhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 12:23:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame D584 0
126 B 107ms
33ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k463Dsz6RO0HfJ2DYgICAAAAruX3ZHt2uOyOae2et3r0AxC0wPlkq5DZ75JNYaLDTgAAEgAACgpBUVVCRHdFQkR3&wp=ZPnAtAAI_7YGUIrnAAXGM5s8QDthi15PA79AWQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 185137
server: Kestrel
content-length: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 32ms
32ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Sat, 07 Oct 2023 12:23:17 GMT
date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 34ms
33ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Sat, 07 Oct 2023 12:23:17 GMT
date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 549ms
124ms Fetch
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=0e4465ebd64251faceaac62ae768161d_69877_1694089397184&tm=601&eT=0&widgetWidth=960&widgetHeight=805&widgetX=320&widgetY=510&wRV=2010443&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=395&oo=true&lo=951&obreq=845&odbreq=1166&odbres=1561&cet=4g&to=1694089395707.6&umv=1&ll=0&chs=2&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 6fbbf1193df443267695bdf9a5bb340d
Content-Length: 6

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 76ms
23ms Script
text/javascript 2600:9000:2057:4400:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 09:07:23 GMT
content-encoding: gzip
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 11754
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: 69uSI7fTpZ1MLOar53P9gNaEPvhBaJYZ_hR7UO0iyTRXixILXQdYAQ==
expires: Thu, 07 Sep 2023 21:07:23 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 609F 4 KB
2 KB 33ms
33ms Document
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Thu, 07 Sep 2023 12:23:17 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Thu, 14 Sep 2023 12:23:17 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6IjFjODlmMDVhZTU2YTQwMWRmZmE2ODI2MmE3NmVkZWU3ODI3NDgzMjM0NzBlMWQ2MDQzZTM2MzM5MWRjNjU3MDgiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 4 KB
5 KB 87ms
28ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFjODlmMDVhZTU2YTQwMWRmZmE2ODI2MmE3NmVkZWU3ODI3NDgzMjM0NzBlMWQ2MDQzZTM2MzM5MWRjNjU3MDgiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 343ad5ccd991c46164fb6a3cec5de84637c5fd5f607ed140ab63a6cc16acbad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Tue, 08 Aug 2023 07:56:47 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=680594
access-control-allow-credentials: false
x-traceid: 6ae68e1d9b1bf1b92f929d2341759173
timing-allow-origin: *, *
content-length: 4428

GET
H2 200 eyJpdSI6IjA1MjE0YjIyMTcwNzk0NWVkMGJiNWQwNTQ2NDM1MzYwNDRkZWE1YWI0MWVmN2FhYTg5ZTZmOTg0ZjQwOWYwZTkiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 4 KB
4 KB 87ms
28ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA1MjE0YjIyMTcwNzk0NWVkMGJiNWQwNTQ2NDM1MzYwNDRkZWE1YWI0MWVmN2FhYTg5ZTZmOTg0ZjQwOWYwZTkiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 321b9032ebd2a1fb7f7b00aa1f7c1c762772062b2558c19e2b5cafdf85b1cb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Wed, 26 Jul 2023 10:18:56 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=475261
access-control-allow-credentials: false
x-traceid: fb3f79972bfd6c6376b76b2701e4ec55
timing-allow-origin: *, *
content-length: 3900

GET
H2 200 eyJpdSI6IjZhNDhiN2Y2OWExNjYxNjlmYzg5ZTk4Y2IyNDczNzJiMGUzODkyZDY4OTk1NzVlZjE4NDY4MDMzYTZlNWY4ODUiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 118ms
60ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZhNDhiN2Y2OWExNjYxNjlmYzg5ZTk4Y2IyNDczNzJiMGUzODkyZDY4OTk1NzVlZjE4NDY4MDMzYTZlNWY4ODUiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5d8634d1b4fc2c412ae88079e9d4c72bb740ba784ac87c4ca9d841a6ceb1172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Mon, 28 Aug 2023 20:23:29 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2398985
access-control-allow-credentials: false
x-traceid: b9211af3e136c94530444c6912a4eb57
timing-allow-origin: *, *
content-length: 9386

GET
H2 200 eyJpdSI6IjVmMTQ4OGI4ZTI2NDBmNDYyNzI2NmE1YjBiZDNiYTliZjJkYjE4MmE5ZWFkMTQ4MTAxY2U4ZWUyNzM0MzU0ODEiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
5 KB 114ms
55ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVmMTQ4OGI4ZTI2NDBmNDYyNzI2NmE1YjBiZDNiYTliZjJkYjE4MmE5ZWFkMTQ4MTAxY2U4ZWUyNzM0MzU0ODEiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38b812815eee1ebcd5d55a22bf9439870b9fbb98fa37f31db456e4d9745397e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Mon, 17 Jul 2023 23:29:20 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1445745
access-control-allow-credentials: false
x-traceid: 1c26ecd0156b816295539b11012fefd5
timing-allow-origin: *, *
content-length: 4784

GET
H2 200 eyJpdSI6ImU0MTQ0NTVmYzQ3ZDg4N2Q1YWY4YjExNTk3YzI3NjZhOTNlNDE5YzU1Mzk4ZTE0NTI2ODhhNzlhMjM4MTFiNGQiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 116ms
57ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU0MTQ0NTVmYzQ3ZDg4N2Q1YWY4YjExNTk3YzI3NjZhOTNlNDE5YzU1Mzk4ZTE0NTI2ODhhNzlhMjM4MTFiNGQiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9570a6810b00fa10fa896e31f7ee82ad5ebeb147c474875509b9c98a1f0ae132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Fri, 25 Aug 2023 19:16:18 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2401732
access-control-allow-credentials: false
x-traceid: 26574aff3953e68e1c871a918089dfec
timing-allow-origin: *, *
content-length: 6748

GET
H2 200 eyJpdSI6IjM0ZTc3ODgyMjhiMzNjMDM1YjhiMzI2ZDc3OTE5ODUxZDhlMDdhYTE3YWNmYzM2ZDZlYWViNmYxZGIwNzVkMjMiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
6 KB 87ms
29ms Image
image/webp 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM0ZTc3ODgyMjhiMzNjMDM1YjhiMzI2ZDc3OTE5ODUxZDhlMDdhYTE3YWNmYzM2ZDZlYWViNmYxZGIwNzVkMjMiLCJ3IjoxNTAsImgiOjE1MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa1b5f216b40c2a4fb0f1fce9c3e8d3319929639b6b39f5ddb35620430bc9f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
last-modified: Thu, 03 Aug 2023 09:19:01 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1752160
access-control-allow-credentials: false
x-traceid: a247dfedba8c77c7fac4c554e4a80869
timing-allow-origin: *, *
content-length: 5502

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 282ms
120ms Fetch
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=0e4465ebd64251faceaac62ae768161d&pvId=0e4465ebd64251faceaac62ae768161d&sid=7897424&pid=69877&idx=0&wId=100&pad=6&org=0&tm=614&eT=3&cnsnt=no_consent&wRV=2010443&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 12:23:17 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b2c47c302da7ad1ac806af48ab6f7f4d
Content-Length: 4
Expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4D2D 2 KB
1 KB 305ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZPnAtAAI_7YGUIrnAAXGM5s8QDthi15PA79AWQ&u=%7C66nep6hrVC8S%2Fou5FleJTwdSMnOfMRBZsIAGb7MN7tY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANSiOYR2qt810N5CH3Ad7-snFC_qOjpF2ownXrqz-UZWKRxQW1jMWJbVWjI-BvxNJARo6OrtDBw7BG1Z116tiUm7_HXdJ6ovCvohMtoJQXLMWeWDlpKCL3RwGIE4-GyD4uzOk3db0ycGULt-TGK8y7t392dmvB0g86Bw4gfpyBqHfyKS1qSIy0oKIyjd9n6k4O_tnCyvVFZT44wbap9wyVfvsbInfOTdNEcIkWR9TTo79s90KrnOEYoPm7-lT2JntD019Lo3A_f1rSZCjk4WSWPTkOrKQ7QLH0GS2hgOVMjKpdcKDwNNGkZdgqakWzHNT0t2XPGVIi5guHCz-rJk5K8ZAO1pc9OXTOqBm5vMMlIBSj5sVf-KMqj3eoiTGv6KwGbcU-m72xELpk8su-B9AM4L0jMrdkmvR5aTKB2u2blrIRj0_x6yG9QAtfXtatzyrf_AKCyLqybjXQJYwjLmAz0oISotRGaPEMIKY6pDNrKUcpZt_b_djQZ-AaAHStLq6tR29su2TA4e8aJGgRXw2fBQpE8PA_v0YCKpJ3RKj4YxrBQbWhv5D9ty8TlPzxgvRwnSS8d67Ni7X3DV7A88brhPWb3MSxC3wWg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr2LctMD5ZLb_I-eVwuIPs4yX6A3JntKxXPWR3r6xAcCNtwEQASAAYJWy-IGUB4IBF2NhLXB1Yi0xMTc0MDQ3NTE1MDY5OTU0yAEJqQI0K1zvLPmxPqgDAcgDAqoE_QFP0MQRZJgB1Pfj1lKGSfd4dLs8B6Rq6FxhpeHzEUazCZXmNeKSqAiPpyhZUu4JCyB1Az0wY664Kthpyz3FYWEjnelcqlghadFikCQ1e0aHxS7SnPF9xAHl1VBWBEHbZcR-PexBj8RjJ7R5TStT5ri4Ju7PwFkrr1W_ns8FlI0nmQTWBblNlhjiHxN8JTkclZxZ6i51hu4iG68DbNWAjaWMgmXhF3_cLOTgN171tw3ZSH77i4lbhaswZfI8hXfax9Ksd9Md8luKTEZ4U8BUM4rsltzeRBPk3XRzkxdtdQF-Yj52RTDjkaJomof0MS7ZSbBDGQAD_FZ1C1XqLF5EgAad_pq3vsboiZgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1B0zO2vuZcNDmJMbOCxviKhmEXwQ%26client%3Dca-pub-1174047515069954%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4D2D 2 KB
1 KB 309ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4D2D 308 B
636 B 302ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4D2D 293 B
621 B 301ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4D2D 43 B
348 B 294ms
30ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=p198k2B9cHjknrk-w9iQVW7GosmLvJ1utxsuHROnclqfWYzIrbd-tdrMee7q81oYYTrDtKcovZfOl-RZfJrBxi1pVL0SThJZHpy9tfYF0xLnCDNM6g9fm2AkouH-1x3LMFq0iuYbG2M9yuLyY79YuglLxOe37YNxnOAArop910l13lMrxO2214B48LG7cZjOp89-EhR9xXtPeEFmTzZwKfq9F_rtHt2b-gNo3VcBarv4vxjaXfaMhZzUHWPBaviRQUmfQqM4G43uVHR3E15dCZ0_5SPPCwbmBG1xosVzE_IacKjj1TX-cvzBlpaEJ_FDX_USQx2r9eRKHmLhoB09c7tyBxtCDVOcLSHuUDNtHFsfC4LzBEA-BitjiCChgMN1c-MDMLmRw7fa4GA2tSimSlsr36CtNSf1NFbApo2h7jIlOfFEYBtS7061j2zExIZhHr2DVzqN5_skTs1DP1xIYcQIgQI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1617423
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C8BC 219 B
277 B 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.shorouknews.com&callback=_gfp_s_&client=ca-pub-2650755364999156&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60be01ec5efde6dcf62ca7a01939d1f1edc32fe8f0a9c36933aafeeee0965338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87A9 46 KB
17 KB 575ms
575ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c11da679191630e51ca9e0fb524a4f95fda14ea9792e2f8473f52def8bb7c13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17020
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4D2D 12 KB
5 KB 255ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4283043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OHilFLSJNkilsRboMC1xILN5xOJoG2Lq02TdkExZnMWkcd2nr3xNRrKXDDmwMgKS8JN1VcOes2Olf4CvJF8cglv52nFihaOGlpLgoTpXbnsGmL0fE0ffOrN4UEuCan%2BVJ3keJIppOwiebN62tdAu6iZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802eec0eef4c9c0d-FRA
expires: Tue, 27 Aug 2024 12:23:17 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 340ms
123ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=04798529721069020875170650502097136629417992926329117096522973221002&nc=0&tsf=0&tsfmi=&pv=0&cb=1694089397632&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3497792798&at=&bid=e30%3D&di=W1siZWYiLDM5MzVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MjEyLFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTI4%0D%0ANDMxODUyMSxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1%0D%0AZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAg%0D%0AICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAg%0D%0AICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAg%0D%0AICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRh%0D%0AYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAg%0D%0AICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAg%0D%0AICB9XSJdLFstMSwiLSJdLFstMiwiNyxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNs%0D%0AaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6%0D%0AV1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJi%0D%0AcGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0i%0D%0AXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0s%0D%0AWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0%0D%0ALCJ7XCJvXCI6MC4xOH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxMDY1%0D%0AMjk5NjE4LjE2OTQwODkzOTYiXSxbLTIxLCJxa29IWk5obCJdLFstMjIsIltcIm5cIixcIm5cIl0i%0D%0AXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjY0MDAwMDAw%0D%0ALFwidWpoc1wiOjUwNDAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxc%0D%0AIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAs%0D%0AMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFs%0D%0Ac2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY5NDA4OTM5NzYxMSwt%0D%0AMl0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgs%0D%0AImksLTEsLTEsMjY1LDAsMCwwLDAsMCw3NCwyMzIsMCw1MjYuNiw1MjYuNiwxOTA1LDE5MDUiXSxb%0D%0ALTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixu%0D%0AdWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQy%0D%0ALCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIw%0D%0ALDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGVuLVVTLGxh%0D%0AdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDI2NV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A320%2C%22y%22%3A509%2C%22w%22%3A960%2C%22h%22%3A805%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=dii0CANiqv&sdd=%7B%7D&pto=1927
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4fc0705f42741870f1a91ce73f82122fde911ff554d6d1d469e6ce483cd59a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 07 Sep 2023 12:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1650
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4D2D 12 KB
6 KB 40ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 3 KB
3 KB 111ms
35ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=196&s=g5E6PN0f66mPVED9Vx17oCkg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

066b2cd584d2e287c8c1605703d409aeda83cb5b16ebeeb2d3a883981c5e033f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 2886
expires: Thu, 01 Aug 2024 16:01:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 9 KB
9 KB 157ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_981993-19654_1102_110.jpg&v=3&w=800&s=wRlu2VflfKQc1mQnyDwib-JM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c970dd7525ba0d0cecfec5a97022f7430d1798462cfc4ba10752229814d7ac94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9252
expires: Fri, 08 Sep 2023 20:09:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 10 KB
10 KB 144ms
68ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_472404-15305_2202_01.jpg&v=3&w=800&s=IrdLfyFuhQyhTKB8S-NLuICN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

836f9c0bc58ea440cc9d713459ab3f0e14ea6ac65ba71e5cdc2220f10cd15ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10454
expires: Wed, 13 Sep 2023 18:23:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 11 KB
11 KB 182ms
106ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_380205-21213_1102_110.jpg&v=3&w=800&s=Lw4kQhcm9bclyEOYmHIdjSff&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4b92d54035f8cf8871d7932bf96d5e298356a101f907482a82d7e12b01af9fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10902
expires: Tue, 12 Sep 2023 13:39:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 5 KB
5 KB 147ms
72ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_232019-18504_2081_110.jpg&v=3&w=800&s=FHyzBUhc_HqIIdQ4C39o4oDX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28c91ac443a5148992a1cd629b828465abbee353e28d39bf1ba97e714d6a2738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 5428
expires: Wed, 13 Sep 2023 16:29:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 13 KB
14 KB 169ms
93ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_280018-31510_1089_110.jpg&v=3&w=800&s=Ai6yQGi_GtU0zU51aMXdy9je&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

50b8ab1fbcb551cefea48f28d936d82321411b127f88886c75a00d45152446ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13702
expires: Wed, 13 Sep 2023 18:12:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 10 KB
11 KB 120ms
118ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_480407-11259_1102_110.jpg&v=3&w=800&s=kNf2lhOoX8oAtYrYBg7icRxY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7d8a62ba80817cf6cf13ead26ed2f469b59c8c3a13da1266f5a0832299ac2df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10738
expires: Tue, 12 Sep 2023 13:23:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 4 KB
4 KB 81ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_420412-11253_1100_110.jpg&v=3&w=800&s=2ric4aW3UPwGojxG--RIY2sk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

161311a07874e3ccbfdc9b9315adee8982ad6b17e8b52c1ef3152a5b2c317778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4076
expires: Fri, 08 Sep 2023 19:40:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 5 KB
6 KB 92ms
90ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_250251-31120_30821_110.jpg&v=3&w=800&s=DxuRPNInEzN4fwBs4_gSuDqq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a10ab732b9ac95907a0a6d76c2a26a83b2e1fc7ac980c8fa6a480f0d0493e136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 5494
expires: Wed, 13 Sep 2023 12:55:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 10 KB
10 KB 82ms
81ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_480408-11211_5582_110.jpg&v=3&w=800&s=wqgMRvTGUYWqoIeUOQ1sQR28&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f2490561e9e4a14084f9c5836a0dbbfe5eebc4dc4842b68cc94e1ecf07b8da81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10530
expires: Fri, 08 Sep 2023 18:26:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 8 KB
9 KB 102ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_980998-19156_1102_110.jpg&v=3&w=800&s=2zkrXF6xVE9CQmngcsBX2-GQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72d5a4f29578748280dc2394e27e2b42716585031d5b37dfc7e3ac89b9560fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8676
expires: Fri, 08 Sep 2023 16:38:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 5 KB
5 KB 117ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_281051-18648_8100_110.jpg&v=3&w=800&s=PiGDYwAHLgepRZIfycDRFvwc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

457e36bba41b50a30ae55cfba7b8d2bf26bfac5e674a10ed49d9df543b5b9162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4918
expires: Wed, 13 Sep 2023 16:29:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 5 KB
5 KB 108ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_260006-31344_90543_110.jpg&v=3&w=800&s=dsMnx3oad8W6Zv49eANHZ-U7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e375a13f3806757d7d1c941ca6da74f2cd31f7b9cb136381670daea1654f8833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4860
expires: Thu, 07 Sep 2023 13:22:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 13 KB
13 KB 101ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_281043-18629_1102_110.jpg&v=3&w=800&s=wzW_0TzEmNjllReGQ6VyKXsR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28ff7379eb21c40da7d856ddeba742d9629f529672e2a14462f4ee85bbd9ca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13506
expires: Wed, 13 Sep 2023 20:10:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 7 KB
7 KB 119ms
118ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_280025-35701_2070_110.jpg&v=3&w=800&s=TSAXS03IqgW8d05kyCQwic_a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e7510f66c1399bed56e18219b3000870133b49160e5a69a3e5b86f6e319bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7418
expires: Thu, 14 Sep 2023 09:32:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 5 KB
5 KB 115ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_185004-66424_90540_110.jpg&v=3&w=800&s=zJ1janQwVTHgJXin3YQixxHe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

82d01509b715355ad79572fb419f1f236ab3a89c1a15461abc8ec0a16d7d8cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 4608
expires: Tue, 12 Sep 2023 17:52:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 7 KB
7 KB 114ms
113ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_420412-11253_5580_110.jpg&v=3&w=800&s=DxoI4pdoteEZPRj1LydVQGFA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9edb63ed7d5acf1bc1d3f005c189fbc9741e77db2cd122f73ca576e896a3223b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7268
expires: Sat, 09 Sep 2023 06:53:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 9 KB
10 KB 113ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_985013-35014_1098_110.jpg&v=3&w=800&s=mlFW3pNF8aZWRkuZnl_M8pug&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f8c5882dc3755daefb8ae805fbe6c0d657abfbe3d67efde199319e317ae7ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 9704
expires: Thu, 07 Sep 2023 16:57:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4D2D 13 KB
13 KB 92ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F11_471408-16308_3402_110.jpg&v=3&w=800&s=tFKBATrs5R_jf9_R6QJZMgzf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f337e2c454d9d72c1bdf16eae4fb15fba66265a888ac5512338b4d97310df0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13338
expires: Thu, 07 Sep 2023 16:30:34 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4D2D 0
128 B 116ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Nx2vR5TqNyafde-LuUmp7-FibmvvgypKAom9LmBpF5m_UKy09KOdoaga2M8YXCqaQQjTmW4ryFChq4eJKWf-57dEIsYiMYP9_ory5j_xbT-0QUFxH1B0koOn_6eK7VjHPS8_HOX5oQbXDHVmCt1BxJjs6b9wfAYkMVAfELFpFDnlDDw1s5K8B-XDNEaQctxY0Ikllz8vnazMP0VphOk-b5y7IIqy0aig5WT5yYOJc-XwHrSVRkPnJQj6euRbt33Bq2tiSA&sds=2&rev=88100.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 12:23:17 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4D2D 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4D2D 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame 4D2D 1 KB
740 B 36ms
36ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0e8-4ef"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame 4D2D 1 KB
740 B 36ms
36ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0ea-4ef"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame 4D2D 17 KB
18 KB 168ms
96ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0e8-44e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame 4D2D 27 KB
28 KB 142ms
70ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 01 Mar 2021 13:06:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"603ce6bb-6d70"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Sep 2024 12:23:17 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 9BE7 2 KB
3 KB 119ms
49ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5143f2a35f1602ae08718b519b77b5a988278bb24d27d17f6da6b3f8055c57bd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 802eec11981c1db1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 449D 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CBE 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 11:13:59 GMT
etag: 48472445140208031
expires: Fri, 08 Sep 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 449D 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 14:05:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 449D 0
0 88ms
33ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4Imuj-vORrT1UmuAO06LCvl0vbZ13kJtVyNzVOhYVjt1w9-aKdUo_0Q2XyoBuw3KopKcBIE4QCbo7jKUiLxV-5SHapg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 449D 181 KB
56 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 12:23:17 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 726B 42 B
174 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEE_TK5d3qfjTy85aE3pgDYlXvR5gnvK8BM8dQfdZHUaZzPocX4WXjwoEgwpIhqdQ6QJH2aeBPxCtGJNE0eS93k0fWnDfOgy4b6bT8cjCPztgJ2MfV75V4SEk8IHKd&sig=Cg0ArKJSzOCF0JsD8HewEAE&id=lidar2&mcvt=1027&p=56,305,146,1033&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=189150624&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694089396737&rpt=230&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46C1 42 B
108 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty_aBG0NskGPiTiGwJZbY2O2P1LgZDAlccil43UYbcbM24vP4WPpae2TEyY89Ut6ybxFCEKCt6-oadysZ4gqbnTAwNBz4QS7jBlo-rf_BSRJJPZjZBoSSA7vS6ylsr&sig=Cg0ArKJSzEHkvGLo5G7FEAE&id=lidar2&mcvt=1016&p=252,1305,852,1465&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2368201745&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694089396758&rpt=233&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CBE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEF1ETlYsYlzsWcz3bRKpIBY&google_cver=1&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj0oHe99hYKN6AtTq...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AF25178B9E0460BBD9378E2CFFD427C&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj...

170 B
232 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AF25178B9E0460BBD9378E2CFFD427C&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj0oHe99hYKN6AtTqCC0hWlWkmoHPOaEGdg0S3zGVbheOJYXMBezmfwioS8kFVmVHHdrXI

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 12:23:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AF25178B9E0460BBD9378E2CFFD427C&google_push=AXcoOmQcT7O2-6i9sKKYTykyx2zFD_XcAkAz-kAzZjgspKYKeEh_gwcuUzlVgZLwDUrWED9pCnntDjZrgBSguFj0oHe99hYKN6AtTqCC0hWlWkmoHPOaEGdg0S3zGVbheOJYXMBezmfwioS8kFVmVHHdrXI
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 06 Sep 2023 12:23:18 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4CBE 43 B
245 B 79ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIjFMnOciJsSPsX_ePDFLzQ&google_cver=1&google_push=AXcoOmSd2LCWfqcMjfnvuzPcWryeTLUsyDqvROaNLz_y_60uiOPL4fiK_NDA6eFQ4-JE3IaGOL7cyUoLt5IcPdoMblkPaJaWlkx0LfSo6WTcfAMbV7jUT9Ynv9yUi8q4PSn5O0n-4PY3oj5fEjmv2PFOOxtU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CBE
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDblSJQx4MF1yLIOQ4zLYTA&google_cver=1&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDblSJQx4MF1yLIOQ4zLYTA&google_cver=1&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3q...

170 B
232 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3qcYJtH_WxL-tYLoGSDDaMBsR&google_hm=HSAHtGZHiYN1tuL-QjG2BPdl

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 07 Sep 2023 12:23:18 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRn1KKzLRUj8tVQVLtX9JKgjbjjLCzm5_1sQaih1l7rk2fMAFAcxFZYI2HqZELXque_Xq62bdUilbSaGemFg154zNeIMhSoBrXiriN2I5CJsp6JZTspQcpjwYO8LOf3qcYJtH_WxL-tYLoGSDDaMBsR&google_hm=HSAHtGZHiYN1tuL-QjG2BPdl
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CBE
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGlREY9o6Bb8bqjyM_Mfk3w&google_cver=1&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkw...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkwj6cT7emWHnGXZ1WafOjDqio...

170 B
232 B

30ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkwj6cT7emWHnGXZ1WafOjDqioIty9P29wiIwwTIScA-bgqpLHdPBlpSVU4K4Hm8CqHEJpS

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Sep 2023 12:23:18 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmThyMt9Chhvx8xr2z1adq-RgelZ8wOhb3l5v31rPspWt02uxzyuvm3xW3s0EQ-ImS5Yq92Z6Grp-dsQ5gkwj6cT7emWHnGXZ1WafOjDqioIty9P29wiIwwTIScA-bgqpLHdPBlpSVU4K4Hm8CqHEJpS
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: a15R9u9_jFA8mMTOid7FSuttK1QA9A3WPr-8EdxlRLkXgDniH7VS9Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CBE
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJTmQB2K5L4Cz5KBDj5gsok&google_cver=1&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_R...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_RatsvSKQr4O3hOEt7HNob_k9u1f2BN8XLyWj1rO0edSD7b6v-...

170 B
329 B

35ms
35ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_RatsvSKQr4O3hOEt7HNob_k9u1f2BN8XLyWj1rO0edSD7b6v-jEpd4WMNyKHAJN9U2FsjJbUOSWDDdJsqOTgDSd7ZDDqQ&google_hm=D2G2QDU3RiOzGc9Zxq3wAbc

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQXvxc4ZoZ-FLH2eitgDu4WqQstVwGuZgdT-z1xxTepk2bMDY2k_BT-CIw3_RatsvSKQr4O3hOEt7HNob_k9u1f2BN8XLyWj1rO0edSD7b6v-jEpd4WMNyKHAJN9U2FsjJbUOSWDDdJsqOTgDSd7ZDDqQ&google_hm=D2G2QDU3RiOzGc9Zxq3wAbc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CBE
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEK0GN0aNlY7_l05kpYsHm7g%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTE1MzM1OTYyMDQ0OTczMzg0Mg%3D%3D&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0Up...

170 B
232 B

33ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTE1MzM1OTYyMDQ0OTczMzg0Mg%3D%3D&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0UpqK2EU_orby7KA4x6Eg6Awd1Uvq0cKoMopNADnIr5Lwb5Yl87BXEWUuVThiSjsZJzAze1vwLts7IbhRRj447DnohJW6Lzbn6-Hg814YB2q67Y0JaG01_etxRCkHqA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
an-x-request-uuid: efb75042-8c38-4f1a-95cb-d2cf8571b023
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTE1MzM1OTYyMDQ0OTczMzg0Mg%3D%3D&google_gid=CAESEK0GN0aNlY7_l05kpYsHm7g&google_cver=1&google_push=AXcoOmTKhKRuogQ97TFcg5gOHdKkG5j0UpqK2EU_orby7KA4x6Eg6Awd1Uvq0cKoMopNADnIr5Lwb5Yl87BXEWUuVThiSjsZJzAze1vwLts7IbhRRj447DnohJW6Lzbn6-Hg814YB2q67Y0JaG01_etxRCkHqA
x-proxy-origin: 84.19.175.183; 84.19.175.183; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 4CBE 43 B
146 B 73ms
21ms Image
image/gif 3.126.69.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENSPm023uivsWHZaLu9cPww&google_cver=1&google_push=AXcoOmSok4uHAuqpQ2UMv--Kl2fq0gJx9EyHj5snqDrg9sQudUbkYfsPTzUKPF5_jDsLM1qugXR1HKXJapA0sBg8gHqS09rD-eq-iIHexug80XBQX4EplK1ISucs5YzM0fK93CboK8fCrirWVAmeFRPp7uJk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.69.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-69-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CBE 0
130 B 81ms
31ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JY7AofKd6oIUk2Yy5TG4oPMlRdySVr7aThLbZED_L5mA3qTVvpGWfyzopaNOQldxKaUFtk9wE3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EE4 42 B
108 B 131ms
131ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7YvMQaPijRmUK9elCwNLoj3kPJWEsyFSSY5T8jkvRfE1IvANtIS9k8Wa4kGWjgESkjWu9mARU4X6FlwS1D7bj_fw2UbGKgU7EGiwfz7-HD969kx4-MnaGmBY_yj4Q&sig=Cg0ArKJSzOhbQucLm6MkEAE&id=lidar2&mcvt=1009&p=252,410,652,1190&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=743862113&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694089396695&rpt=308&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D936 42 B
108 B 129ms
129ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqkPCvJTPbaVouNx_WNgBQl2UfkUod4OFGnE26UmEsXdVtBA85oxGWwZF9P_9JfB9h-DWOR_jVwJv5X88cdhWgtB7E5uimq2zVn9jT3ExAgn0g2RBQrOn-L87mSM_H&sig=Cg0ArKJSzOuKCC4GMzDhEAE&id=lidar2&mcvt=1011&p=252,135,852,295&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=776233071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694089396720&rpt=276&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
102 B 105ms
104ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001363eac73de344839a9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75062f578aee6d7e3474fbd498dbd38e820d86196558c512af87b57ff1e4f0d29995b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1e08f77f6aa094117aefdff264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e1f788eceb1e2ea728b4bdfe210065ef816b99e016e6111201815e5fd3d1809281b2c527df21d6deedc85ec54d5814aa5f0ddb92c54d7c84ee29fe5ae6931fcd77a82e184b04cd63be0ad893ae2fe9dc69914ea7c19ccc7780191c2de84b011f6f4373d7a174bd49d3d99668a4936ab09c2bcf93a4ea76cffea759613ed0ba1004cbb00a4b0ff8acba65b828d8b64ee58b33bb7ca0308950c809d6aa3bdb0724ecad8e653d397c002902400aace18d70cf04b741525e2afeb453c29e180ee2a5debabc6cc2f1f9fd86f8aff257523dfb4786b045738243651bd07f40706cf67ba76a04c3ebc1608a7cca248bab2fcca410987b0f22221e61129cc0e0dd2066549a184192cfc4bab0ca5605f3acaf2e84c5610fadc00e2e3beb9bd84a33f27697559b06f17cce509d9d518be577bcdfd18ccf5568aba27e369e64e5cda2a116d1&cb=1694089398027&cri=dii0CANiqv
Requested by: Host: www.shorouknews.com
URL: https://www.shorouknews.com/news/vi
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 449D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38de2fd4bc5d60de61764ba988019d889af767c8c34a7d7415feaa19960270c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9BE7 114 KB
14 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 90607
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FO8ExTyf3PhfjC1%2FZcxA%2B7A%2FR1r5phAo%2FJzF3R0YlJmEcqDzajtRHM4NshKALYVb54diDzc3%2FeTdW%2BKzjszsnrTACxq2kGO4U8yt2cWkMwzJrZjC2CxUAzODD23XP%2F3ZF8dIGR3lrY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 802eec1208b31db1-FRA
expires: Thu, 07 Sep 2023 13:23:18 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 9BE7 25 KB
10 KB 42ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 157968
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8lqUjUGAjhL%2FfMj0SJuXJOWVWMAJQ4jbwRYz0oFgQm9X1Ru5schf8VOsdvpUDgiWQRzMgV5iV%2FcntLCxUFLkJUBcHhs2bG8Wa4AccvicKw6S%2FqLSXI4zF%2FeLN%2B9cUAD5oDpZDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 802eec1218c31db1-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Sep 2023 16:30:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 449D 0
19 B 66ms
66ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAqSwtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgT_AU_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62-8nxLUqSlEcDjak8OdMgHp1d99vXVz2P7rKjwlbW90E8VxKtDL5oAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2NTA3NTUzNjQ5OTkxNTYYy8IU&sigh=99jfYI2imuY&uach_m=[UACH]&cid=CAQSOwBpAlJWfL7iDCbyTt_vH8fQgfq-HKoF6UNIyAVQP1f8QUvLcbsYiuxUkdJ16wd-6iAVPqNVdm1vTUADGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 449D 0
103 B 78ms
31ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hjx51k5de4859b92937y5g6ybb7rvkqs5harhe2gefwfk1e2gm1bgm3zyse3myrxde319r22msdmbqrsgvtjdxj0d0dgxm08r95yaa5x141xg6v4r8sc4qz6cfht3t132b52h3ystjbqk3vr9sed613a7x7s7hx1cdcnmmtk5sjv4grdyqw17fn6jrf4s1rzyc17wvq6yqk9r7029dzsw1hyw2fbkwwcphz1m8f4087x18np5gg52q9w1qe4pdrna66npxcrb5c5mhy2cxmxjywmnj7wy4phtt43wnhmqwk7hx7yjzvddg9tkfr6a4ry926j3s36r9t25zmway0rb7j92gcahm8z1pwsbjh80vxq1japaae3r8trzm28042y4vasp9j8c&b=ZPnAtQAHXtQA-RE-AADWwBHx_2hb0BGBU_Z1ew&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2650755364999156&output=html&h=300&slotname=4593340264&adk=3657177193&adf=3173046725&pi=t.ma~as.4593340264&w=570&lmt=1694082197&url=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694089396894&bpp=193&bdt=120&idt=433&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D556b5addd1be0233%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_MYzuXva76LxM_QCWk4mZfneAnsqdg&gpic=UID%3D00000c9dc0633b93%3AT%3D1694089396%3ART%3D1694089396%3AS%3DALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA&correlator=1081315676937&frm=23&ife=4&pv=2&ga_vid=1065299618.1694089396&ga_sid=1694089397&ga_hid=1950779529&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=594&ady=1417&biw=1600&bih=1200&isw=570&ish=300&ifk=548709789&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076996%2C31077641%2C44798321%2C20222283&oid=2&pvsid=4446895528692808&tmod=725395029&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C300&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.au4xdag0hlo0&btvi=1&fsb=1&dtd=445
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 12:23:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 9BE7 3 KB
4 KB 89ms
31ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FlVlK5%2B1EQ1UmEwclXvzkcHqAsuUTIfPGh7pOw57dQBQjE4UCNtmmkqxN8RnxmO6blXgK0m6RY0PdsyyrrjEGui9jv4prBc1tXJR9BbfF1ouVOZLLHcpDnI0Jjei7j%2FCTF6dfuvAdqAst4t%2Fxq2GhTo"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 802eec12bcb43681-FRA
expires: Thu, 07 Sep 2023 12:23:33 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1B90 2 KB
1 KB 39ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1777195
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 802eec125dd33685-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 12:23:18 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sIBsd9ydP8QQDHEw%2BofRVnH28We5jQbnEzQUwXbNuzAUgbUMN8sa%2F1Rx7KQH9O%2FQNh0OWuk8qCdaB63cnnDZ5w%2BaSJoJFIYneYrYVmFnu2tmyHByrxS80eaR3k5b%2FL%2FcTiSMxc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 77ms
49ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 802eec12dbd0373b-FRA
content-length: 24
content-type: text/plain
date: Thu, 07 Sep 2023 12:23:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN%2Fkr4gvVeTOYUrJZ%2FDHuVVuy83W%2Fqk9j3vVHV4Z54tTMJdhE2gLZzVuQZM0H2HaliDP8HQrDodPOVxet9I7n%2FsLZ2gszKLb867e4HNj3s886s4Ig9H0JuMFEEJw22XuLJnszHw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5ggx

POST
H3 200 rs Show response
ad4m.at/ Frame 9BE7 2 KB
2 KB 49ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884ae3125d7e320b5e661b50a28bb5a2e3e46635bb1f805424cf0f7b396587c3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6eJ283iWNxbnYg0T79zj2qh0dZ1%2FLXh2IV74CKgpiz7sfHaZ6P%2BinGFAYyhWZVpPyfx0zJis4zWi9scvqFbi0S%2FPS3FF067DDRQqYe%2F9WBOVP3BlvLgThbZGPmqA1JZASLSazY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 802eec132c3f373b-FRA
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C8BC 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0FdRtrOom0tZntpIw-PegkZpQhjwczQcdIj_Ih4OgtRX6Epsw0fYrUktAp7cSf8UjrZIJS9EhsDlFWsLtOzawJlYyLpmFjupIjE2KbWAVPLzbjcnnSORleNNO2McVH11Nzk5FNg5mCAgeTLrY_3VpXGW3uYAjveQ3mbSrrx9UdDoLoRIyYkMRw4v9GbmCvGoS9Dmjb6VoDAPL8qXc5lOdJhgBBMbJEKjmDZAZ8jOmQAUb2k3DD8hL4e9xZklED-uy98pBzVSfU7dbzjpDMKoWIFTl3_2aLnFloSOv45vk55rJcrXUrep_4W-wzMkWcgtuRD2EYhWfJwunpSff1FSsLA9L_VV-ug&sai=AMfl-YT2L38XT7l7wxS9XTy2kVL7UWz97vk0n_bCLCW3a-7mAd3_iMNBHhXaGgLklTPHrq-XpehAa7KlzdXKfkLezUaUprgYAD-Q-PkkBWYpXqASoehP88TgrKyRxtSyILCKv86zqRMWzg7gp6swr-w&sig=Cg0ArKJSzOyRqK8JrdZSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 12:23:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C8BC 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38d77da63a576489a20afba75fc8527df327d5401f3e12b3bc184c69193b5ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 69ms
68ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aefc9ba4c380ec7bfd9ac429b9260dce8005ee004d878607717b70dd8799102f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11693
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C8BC 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:23:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:23:18 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A65B 9 KB
4 KB 52ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d670d1f0a5cc226b8621d3aa4fc7e047fce3673c616ab35dca73a63f3a077803

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jeh7xej95nzpm2n9b2xvpn832n3v39e8891s0rk8m5mw63ryz83pcv46b8kp3jj9vgywt9nrs6159cqxv0cnfdx64ywhprfg1rg6d8skkkwy3svbyeybgy17wt9pca3bxmq60ad3bh8vc9m57a4sedvtjpe2h58a1k0rhdxfrnd38psz9fjadnt82px4wk4knb1kcd9hnpc53c49djmd61qeewtfm5p0tpqkn1ss5wvs85yx8ty0qz40dfbvwtdqngytxac0kcjhyam0n97f1h3f2j954am8e2bejtge4vchesyystf84gg175fwmacb8aqb603vj3e1ktqm8xqssx5karcfq9z123vr2sd8k6k43p0de1cdhqx3nkyepywcr1p7b390c2wwsdvc3gegc55qrzr2agb8c07j9j32n4xghw51cgr2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%26client%3Dca-pub-2650755364999156%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 802eec137f3d3685-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:18 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA9C 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:14:14 GMT
expires: Fri, 06 Sep 2024 12:14:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE12 829 B
1 KB 32ms
31ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

209d46c4c47b2e7d322eb9d86e11d75dcff7d82e3c2f83c7c598d5792b5e1cf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mxnp2LL4B6U3DV9-J91wNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-mxnp2LL4B6U3DV9-J91wNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:18 GMT
expires: Thu, 07 Sep 2023 12:23:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5796 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:14:14 GMT
expires: Fri, 06 Sep 2024 12:14:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A4B2 829 B
763 B 32ms
31ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f633fb945b143cb39c08720d57c8e032163887234292c5fa1463121413f66711

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XaSB0XBjw1TV2P1apMfJaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shorouknews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-XaSB0XBjw1TV2P1apMfJaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:23:18 GMT
expires: Thu, 07 Sep 2023 12:23:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame BA9C 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:23:31 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame A65B 114 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 90607
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmw9EiWY8AzrFQTK5JXQESWiXC9AyL4fJiUMzdGXU9BInHIfvlmpWgIYQu%2Be7PLVd8Gg%2BSoR%2FZJf%2F3fiFmGWjE1gAOPOe520LjSiurL4GAYmXFfEwVObSYxHN8j48hpLDhTNQLz6n%2Bw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 802eec13dfac3685-FRA
expires: Thu, 07 Sep 2023 13:23:18 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame A65B 44 KB
44 KB 46ms
34ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1774871
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVrkyMTYVHT%2BK8ZVCtnHmA5aIaOtsex9sayuZnsimQfZbSLBgIS6e9jaAm5IIe%2FR5QpmJCWnTn4JU9wODaSijFaJCsig1fcu41i2AsSzN%2FKVLBgCkvR3zBsgr0QQ8WGrfT%2F1A6Loe%2BnADKFv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb911db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame A65B 699 KB
701 KB 60ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012065
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBsqvCgHppi29lR39pzzFUjxzWFocfUfEDIUpHUCFukRxuvYQcbkaQ2oDm2OFUdaTxOYN06fNw1oVSNVOlPxKlYrIB5j33zoDBmZcBcVPoSMu%2F1xPwQFL8QoK3CIhBn2nMiBN60SscTTCrSE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb8d1db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame A65B
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1694089398_53b3add0-4d79-11ee-8c55-226543793aa5&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

106ms
39ms

Image
text/html

2606:4700::6813:afbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1694089398_53b3add0-4d79-11ee-8c55-226543793aa5&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6813:afbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 802eec15ccf1362f-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 07 Sep 2023 12:23:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1694089398_53b3add0-4d79-11ee-8c55-226543793aa5&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A65B 74 KB
74 KB 59ms
55ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 404496
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsT46Szhlsp4qC9g1ydcH8kBAfcScSFXq0iXePcuJYpgDWCCtb1QUUgY1X9RiBuN1a5tkd3goKtYRfM%2B%2BB8WZToVWxcx5w1RfpwrEsxODzC5xbixspo0UwPQ7WCt%2FYnwJUJ0l6LZ59gzpnWr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb8c1db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame A65B 31 KB
31 KB 59ms
54ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 849951
cf-polished: degrade=85, origSize=132437, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 31747
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQe1cr5uLI7%2FuFl3D56Th0TyGP3j6VCIWd6rj8bQ7CgMaBYIByikpOq62gJbfwNDuYQVQ0yD05QQ2oYZLxaw0hGgn2oGPecmngJPcFeMZFJK438iyfeuf3%2F5bX7NpZRSWQdqP76krx4fKbAo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb921db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame A65B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKf6vua-mIEDFbyQ_QcdJ-0IRg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

113ms
37ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 12:23:18 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame A65B 13 KB
14 KB 59ms
55ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2056378
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz7iNvnL%2FOSHLvlJXxV%2BEayn7MiUYpJ%2Bhrnyn5Q0L7G1RW%2F%2BR0SMs%2F19hucmLl9b0MjmMjoVIgPMQuZA3q6BAlgP3NXXiIj5iVDRqZuwVBXocYIccbDJPueoIo7kcap%2FOp%2Bq4FphIEXLTCJ3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb8e1db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H2 200 BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame A65B 27 KB
27 KB 37ms
33ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2415111
cf-polished: qual=85, origFmt=jpeg, origSize=123474
alt-svc: h3=":443"; ma=86400
content-length: 27302
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Jul 2023 13:31:19 GMT
server: cloudflare
etag: "b2c66965c0cae09bbfaa712aade417a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeMp57VlaiaUuXc4K2bs%2Bj%2FyEdymv%2FbrU3LvpR%2FZHZAB8Pyys%2Ffnc0pqi1lf%2BMjl3xEj%2FdP3%2BFIP7hFq76dBNQjnVRz2DCDi5kbLzF7MX3u0KowerSXTL%2BVOZjVp%2F8jd4wviq0AwaOB4ve5J"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 802eec13eb8f1db1-FRA
expires: Fri, 08 Sep 2023 12:23:18 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame A65B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMP8vua-mIEDFTaf_QcdJYYC1Q;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023090714231888645347069X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

116ms
39ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023090714231888645347069X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C166402&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=300&d=250&e=&g=5c47ae8baea1424c6527173256ba7e57%2F17645350455300043931&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1694089398285&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx678khwvkx58sjn4b8wntrm1p253an96mcbf7xqy3b457fyy40svx0kmankxcm50dkr9680ptsyrn7d3e8n6d10r6qmm5e5y23ay8f91dpfg8j5945zf01wp34j44n8demeh1n1f91xvp2a3vg76fme3z4238nn5xmw7sbht02wczryp0jwckg3grphaxfw7fw02xgjn8w64phczpy88fk626vzddhfrhpcpgyek6rq18w69y7zq9rx9tga6datbyyw0kchfmd4gj7amz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiC6JtcD5ZNS9Hb6i5LcPwK2DKJDhgYRctqjCivACwI23ARABIABglbL4gZQHggEXY2EtcHViLTI2NTA3NTUzNjQ5OTkxNTbIAQmpArAvloFVALI-qAMByAMCqgSCAk_Qkro9xaK870JAVSWHvCdC5G13I9BO-pQdlONOin-xhKcMq4iOX-m1EJDoC8Ec5yWv3IP4iDrlyy7iFpKEWfXKUYZ1EHzmKW1YPOeFseldOqNEsR-5DqDPRMKfhh40Un_OoIfSBc0hhnfK8kBfdzhqoDEyF9dPrFvPE7-Y87E5x8kLBYcQq-xjgyk-6Zd2nZbZgOAHALbTxVhco_W-y9kU825ELYQblTgvAH2OHODlXRarGXH9oZqwwhumuyDPT9swPkF3_Ib3-A1Jbo-d4YGgEnT-9Vqu62_-nTNGftDDMPBd21VHe5Mb7Mt3EH9dwCNr6HW3lftqP92k9k-LLlb5yoAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3vr3VSwvKv8NRpIpaPApKBpO9uUg%2526client%253Dca-pub-2650755364999156%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Thu, 07 Sep 2023 12:23:18 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023090714231888645347069X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE12 0
0 123ms
123ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=4446895528692808&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5796 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 02:23:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14745
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 02:23:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A4B2 0
0 122ms
122ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=4326161687128848&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BA9C 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uvVBcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5796 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WzCfBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:23:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D584 42 B
64 B 130ms
129ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_ONPIx6_Jc5yVWi7nE1jCKnqZvyiuwFcAfjGVt_6ItzxLmlAtGR9MxVpFBn1KT4zkdHDgZaOH_mZdZOJZ1ZX61ufv4wrFUX5O0fVn&sig=Cg0ArKJSzDFOc8olneYsEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=314,948,1001,1348,1514&tos=314,634,53,347,166&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694089397020&rpt=102&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4D2D 0
127 B 37ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 12:23:18 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8BC 0
0 129ms
129ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=4446895528692808&bg=!jI-lj8DNAAa6D61Rmg87ADQBe5WfOE03Yllqnh-DsDaon6V2cAdrcWeyZs0GNwDQBeLgij7w7AIbB587jIIOufF8siqKAgAAAH5SAAAABmgBB5kC3Npt9wqo-H95MzWrQXtc2hc7HPHOQaXYMW9iXyKZNCBPrJgG9fcEIMmqvTA4J7zvomZ1B2FNCqYIcuN5cVXFMjLxoX2lqim-Fr-eofnlhP7a4jpzQsVMX71b1lvs0u64nJaapyU5hVy7f0xKxkOUDQ28zJHYZBQoyZLPtI7q6FP-a6JI6osq5tnXy_RsZP29vn76qw7U_PQvq_d7R4n4j0xT9h7yG65yLWxD9qjvxARdZSsNfmjbKbQ3BpyJSz0wsZHdEkXtVR4oBAsbVXDiveM4tK-J_L4CgtyJt3H945D_X67D13mM7SzWgzDLUJ6OIRkrX8FV-T3-Zrp2vylEEmzM0bNKKUUqilk9JpTf6ecHgeqIUyy-y4Ryx9_lpE7oh6jLF4LVDRGZRnVqmoXFzKxew5M-Ct3FKBPYMloUnlQb0BJ8OArh-UglExiofI2N9s5YlFPGhZG_Xf8588aiFDj_7DvGxDZRQyONTgfD-CfcE8OqJH05SOc3eZfUtgksD5N0lAk3r8yltKqXuSo1cyDMADdJYlkqUWw7Vbh9kxdqDeZtcArr0QiGJDc8Y1eRhUmV7SR2ygZN3sulO4wMCbjN3Wun4ODui1uGeiT8Wcff8Q9Oik9zA22P-PwWr-FKwC1TbyxxYYg05TBBDxwmElyssi-jJmHHUZmXZ4GKR6nJHrnFPeIGTteCFzkYJcs9cKnan7XXroSmYjVV3i8CPbssmtREGU34_r9bMF-Vftn_h91XFgeOp0pqiYntoLV6qp4q6z1WOJk5XBztt8E6Yh3zrshyY-2sF4nWMN9pn4xWYfOXFCt8r8XAsu3DI2ZgSLBRpCQew48dbViVmW_U8qbqU8FvD9dZoSyF5_Loym65XGGBU66A64AaXREI6RCkZa_Oc0Jo8AQFtWQUOz8NZSA8dcMLB6rrhPvEAUBe1d7gh215JKhUYd_cAGaCrvVhZuYGK1AmvYcqHqC8UQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 129ms
129ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=4326161687128848&bg=!Xl2lXRLNAAa6D61Rmg87ADQBe5WfOAVfU9FvvUYKN0xi_1xqXASwzFh5JXgSDcOJRDrFsRN0Of1Xr9OQW_Md4Qs7-5bjAgAAAHlSAAAABGgBB5kCybgTUgYphql4PzoWiwK74LYHKnG-Haf3_vZt8-KOQ8YxrZd41orDt67GDRJ1-cigeubBHdAr_wuWKvaQBzpO_i1oizHQ93rKkA_sNVsM5JRNEOOCCLdpYpdpAtayk_VaAOXMwTddDQ9-gLy-0bgg6fDQF9np2rWmOsQZ_ZnLPudAdZA4_nfbym5bdf5Iv6fPDq6bS0OmyWT3XsZdmOTyHRL2tYM60VTJXCwwB68atoFE-T5V1b3Hw_93EAiDtxRezQ81T9UK6eMROo48tZ8ycrYcXZUSbgBGfHzWD_MVcnGnHKJxi-Hf0NG27nqpHeu7cnOeNMO2y3wh7_84joPd-38vALbxTC9E0D09ZqOyHVONEDWWY5lgujalgkbSMLCp_OkLwzgirSm9JUSCCILYFiQntTH12OP0EE3wrP-7v_I_-Sr4l30HmXa6oHsAehhq8CiB19RdEuztNeiRpfmSrejHdDNiMuRYvs351ae45-_M57lPfbg2bDPix2C6mB1prxVlTRH5AHRzF2atSy7sqCLnEWD52tYD0Iv_mkIOLd6qKOau4Zjntsande8s59-gUgFoAB0iNDdRqrcQcATpFysAlsEcGTWis6oTYLLn32ul7P_k6XYwuvqCvqcMH95c2gkjp1V9V1hoRMcgwuhsVaD-tJy13V_ldP7S-zE6NRPakWgb9QWi9AIf1reFRZ7pt8fR4aMrPx3PKxpyarTVJTDY4G4kKfOIErEaJf6OVc4le-xsoqacGhWSzK-9JkrFi2YrVZA3ozKNL6_ckdau5Gxi8i80cq8lGsWW4lkr-VNKUFnwH9ykl0e_POm_MquJUghp3oBZ7w4SJrkYn8TluobvbSjBiXc43MG7yDvyPanHxmq9ZgPFRx0bwrd3Rs5E8Am_k35k07Q_fukjdTZXyhJDY28bkntOooTEVtGOmFg82TDS8F1QVJ4L
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shorouknews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
371 B 438ms
110ms Ping
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.shorouknews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 07 Sep 2023 12:23:19 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 483139dd098ccd048aa371414453e40e
Content-Length: 4
Expires: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9K72S3WSDG&_ono=1&gtm=45je38u0&_p=725020562&cid=1065299618.1694089396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1694089396&sct=1&seg=0&dl=https%3A%2F%2Fwww.shorouknews.com%2Fnews%2Fvi&dt=%D8%AE%D8%B7%D8%A3%20-%20%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%B4%D8%B1%D9%88%D9%82&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K72S3WSDG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shorouknews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 12:23:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shorouknews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.shorouknews.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lc2f1mxsj3erkhkmi0bwbikk
.shorouknews.com/	1970-01-20 16:44:25	Name: _fbp Value: fb.1.1694089396398.1568210017
.shorouknews.com/	1970-01-21 00:10:49	Name: _ga Value: GA1.1.1065299618.1694089396
.speakol.com/	1970-01-20 15:10:49	Name: __SPK_UID Value: 5269ec74-4d79-11ee-84ac-86a49ecc557e
www.shorouknews.com/	1970-01-20 16:44:25	Name: __SPK_UID Value: 5269ec74-4d79-11ee-84ac-86a49ecc557e
.shorouknews.com/	1970-01-20 23:56:25	Name: __gpi Value: UID=00000c9dc0633b93:T=1694089396:RT=1694089396:S=ALNI_Maf1lVYWDvH89HM-8bfr8HSfSnmHA
.doubleclick.net/	1970-01-20 23:56:25	Name: IDE Value: AHWqTUkaDRtFrIyGgGg2FkY-EZhc2JtFM12MoG_7CE2e0xbldqT56UwBpYJKFYNC7ao
.shorouknews.com/	1970-01-20 23:56:25	Name: __gads Value: ID=556b5addd1be0233-2216ccef6ade0009:T=1694089396:RT=1694089397:S=ALNI_MYtRsB0hvuvummnK9uS2uqj5OeOGQ
.shorouknews.com/	1970-01-21 00:10:49	Name: _ga_9K72S3WSDG Value: GS1.1.1694089396.1.0.1694089398.58.0.0
.ctnsnet.com/	1970-01-20 23:20:25	Name: gid_CAESEJTmQB2K5L4Cz5KBDj5gsok Value: 1
.ctnsnet.com/	1970-01-20 23:20:25	Name: cid_0f61b64035374623b319cf59c6adf001 Value: 1
.adnxs.com/	1970-01-20 16:44:25	Name: uuid2 Value: 1153359620449733842
.lijit.com/	1970-01-20 23:20:25	Name: ljt_reader Value: HSAHtGZHiYN1tuL-QjG2BPdl
.simpli.fi/	1970-01-20 23:21:51	Name: suid Value: 4AF25178B9E0460BBD9378E2CFFD427C
.doubleclick.net/	1970-01-20 18:54:01	Name: APC Value: AfxxVi4o2GXO6Yquamzv2GRGBSXkCSD0s2rlPcygZPFwfjBD3eKpBQ
.awin1.com/	1970-01-20 14:39:08	Name: awpv11354 Value: 412871\|1694089398\|53b3add0-4d79-11ee-8c55-226543793aa5
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 14:39:08	Name: HTLP_timestamp Value: 1694089398697
www.conrad.de/	1970-01-20 14:39:08	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 14:34:51	Name: __cf_bm Value: Yge7KYSofn1eBoxSUdAyjoWbL70_LAhr0V7W2XCmsa4-1694089398-0-AVMjf4Hqku8vq0pS3gkfDhIdYQTqeEJVv1VfY28kQXvAV5h3yx8jqiENzD1Udhz5yqDJiL3UUSYdJTBGxO61epw=
.o2online.de/	1970-01-20 14:44:54	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NDA4OTM5OHZsZWExZGUyMDIzMDkwNzE0MjMxODg4NjQ1MzQ3MDcxWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 14:44:54	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:44:54	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023090714231888645347071X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NDA4OTM5OHZsZWExZGUyMDIzMDkwNzE0MjMxODg4NjQ1MzQ3MDcxWDEyMDIxMVYxMjI2MTMyNzAyT
.blau.de/	1970-01-20 14:44:54	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NDA4OTM5OHZsZWExZGUyMDIzMDkwNzE0MjMxODg4NjQ1MzQ3MDY5WDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRqODN1RWZaZVNxeEoxdVlIRUgydDZ0UlJKVUtUelR4SmM5b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExNzY2Mw
.blau.de/	1970-01-20 14:44:54	Name: nscQ486 Value: V
.blau.de/	1970-01-20 14:44:54	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023090714231888645347069X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NDA4OTM5OHZsZWExZGUyMDIzMDkwNzE0MjMxODg4NjQ1MzQ3MDY5WDExNzY2M1YxMjI1MTMxMTA2T

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1(Line 20) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

72f929cd9a906ab9557c94fadc6f04bf.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
cat.nl3.eu.criteo.com
cdn.speakol.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
d31qbv1cthcecs.cloudfront.net
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
images.outbrainimg.com
ius.ctnsnet.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
prod-rtb.ad4mat.net
recommendation.speakol.com
region1.analytics.google.com
rock.defybrick.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
shorouknews.com
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
um.simpli.fi
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.shorouknews.com
www.telefonica-partner.de
x.bidswitch.net
d31qbv1cthcecs.cloudfront.net
104.64.118.247
13.225.78.27
146.75.118.132
167.233.13.224
172.217.16.194
172.217.16.198
178.250.1.6
18.66.112.48
185.89.210.46
2.18.161.178
2001:4860:4802:34::36
216.52.2.48
23.35.237.86
2600:1901:0:76b9::
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:4400:1a:ba5c:3900:93a1
2600:9000:211e:3a00:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6811:180e
2606:4700::6813:afbe
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.126.69.45
34.91.62.186
35.186.193.173
35.186.253.211
62.67.203.100
64.202.112.95
84.200.5.215
00e114934255d67927d6d13e1db9bf2cfe78e6110401acbceebb0dc4cd237e05
0150ad56abb5b66588eed982945d3b824e676137ae9e305446d1728a20ae4c78
026615d6f2231314db99189a4926886f7463a1b5a89f4f05dc8f6161b971a111
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
066b2cd584d2e287c8c1605703d409aeda83cb5b16ebeeb2d3a883981c5e033f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a515f72d64c5af442253f95c74340b25dd8f602d9a2686512feaebf0297aefd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2ff9cfc2dc77d7757fcbc0228a4b87cbadd0c6e2f761477775068a4ddf027d
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
0e57f2c259f8fcaf8f78a6059cec492159810885a719b473f906f73b81640931
11f430b5d92342848589ebb394f723a255100382c15cc9e6ccc8773ae0e4b93e
161311a07874e3ccbfdc9b9315adee8982ad6b17e8b52c1ef3152a5b2c317778
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
1abd2953de50c7f7691d9f2386a8832f51605596024d0f2eb8f1a805599ad0b0
1bb5751420eb2c2a03ae203bbedaf76fc3f11d5bbc894733ca79bc6c5e135fdf
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e809e056ef87dcf46f7ec71b703fccd8f337bd5a2c96762dbe31586f70f792a
20529a83fc8e060e9ff6307e8c041171b8213640a7414b4a4598994906207daa
209d46c4c47b2e7d322eb9d86e11d75dcff7d82e3c2f83c7c598d5792b5e1cf0
2219ef2c7fdc0eebd87e483c3dc31a09be1f695209e119866767a757ad72f789
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
24c937bfc73fad149bf05fd3cda90ecb080c866c3668f83812221d4567f4f0e0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b1cdbb05006595e63a60ce7907c0bcf8967830ad6cc2c46216386477f4197e
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
28c91ac443a5148992a1cd629b828465abbee353e28d39bf1ba97e714d6a2738
28ff7379eb21c40da7d856ddeba742d9629f529672e2a14462f4ee85bbd9ca30
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fd5744ae05a7b0a6dad632dd4a2147c71f8466b0ff975baad390059c0fbc1c0
30edd99531761e544ec4b9955e8ab713d16af5717adec2095a3529f08ff9bfb9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
321b9032ebd2a1fb7f7b00aa1f7c1c762772062b2558c19e2b5cafdf85b1cb83
343ad5ccd991c46164fb6a3cec5de84637c5fd5f607ed140ab63a6cc16acbad7
3722e7cf4afda01cafe3f71e40ed3f122a85afc9180752ae7a2c583c95546d0f
376d8059a15f6e8a2be5335937058586ef67f249e6f3b94e2b15bf573bdec1c1
379f3a2ff54d3f426928fc72c7c9e046ce1161fb949d1cae6861e99dee984e26
37d2a7452aa7d6983ebdeceec37b8adc31389ed2609a23d8cf2e1a9508339230
38b812815eee1ebcd5d55a22bf9439870b9fbb98fa37f31db456e4d9745397e3
38c5bd99832efee892e129a72341cd2b5bcbe081a39c02b4c6bfa9f225550380
38de2fd4bc5d60de61764ba988019d889af767c8c34a7d7415feaa19960270c9
3ad6fae696039cb36e2f95b4fd1b7527813e0662dee100593a5066dd8197885b
3cf19029e63eb8105fafbe69427e00392de1db85caa6e93748dc66787f8e0f90
3e031ee2b6307161e852ef731954de0f13930fb0c43596f11ce825aa6a0019a9
3fa599ee5ec87a675a1ccce6201c9630260fc38d925a6b37b2964f9c816854f6
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41ffa9c02231fabd30f48330bfdf6c38c74f90a75e0567e2f70525bc992c6225
4394593b12c14b2e2509d19b31bbe836231ebdd49f4d001f73ca597ad47a3ab3
457e36bba41b50a30ae55cfba7b8d2bf26bfac5e674a10ed49d9df543b5b9162
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
491edabe4afdd871a4f1c23014a5326f95bcaf805b4c720f66b31ca804807375
4a27b3b75d33ce32d3ce802326b92da13862557b5cdb1fe4299b24ab04d9e89b
4a983642d8c653b846e79697e1e11335074903d724f8ba732f9ecf3f6a1e7893
4b92d54035f8cf8871d7932bf96d5e298356a101f907482a82d7e12b01af9fad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc0705f42741870f1a91ce73f82122fde911ff554d6d1d469e6ce483cd59a3c
50b8ab1fbcb551cefea48f28d936d82321411b127f88886c75a00d45152446ac
5143f2a35f1602ae08718b519b77b5a988278bb24d27d17f6da6b3f8055c57bd
523b2a5099ccbdc0f239da183b00972f247ad9b570aa83c01a1f1d4869abc471
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558fbbed93c12f4bf9110cb5647beb47b7490c38c9bccdad1c733169642dd906
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b70aa592d7b273a6a489631d8f535c7846fd96ce76e697c73c40e587cb596e
59116f4edd0b707259f960c7364f2dcba84d24f1a339d4e75e71e96d2d8a4f75
5ae937cc99ba9a3b750df97d196f0379db9802942bda00626ebaacbc19bbd964
5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d9627946fcad2ddacefe71e61e52e0fe6da36f2957869ce1d4abf8e410fbc6e
5dd3952f0609334bbab1db2ae628ece661849b6a9192856980cf4dbac34f387c
60be01ec5efde6dcf62ca7a01939d1f1edc32fe8f0a9c36933aafeeee0965338
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6400744d65ae94eea5ea9a372fc2971c5be2f8a3c7ec2dd087fec1c2ba649600
682e217c7328632316401450d073f2430079c2af2a2e27248965cf66ca4d666b
6921c3d43a6214feb22f72bf0b393dbd8d99005d2225e296b6070362035b335c
6bb685d02a2098cf0e9b90d481a9d2a4bcc8480ade7419df07f8ded54010dde4
6e7510f66c1399bed56e18219b3000870133b49160e5a69a3e5b86f6e319bec1
6fd4ab688fbaa241d25046072002d960c8ec3bc500bb2e97a1a54d2bd8017960
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c4b2d72abe9900c6780846b6bc8da01943b712cec36ead1c5e67790d363506
72d5a4f29578748280dc2394e27e2b42716585031d5b37dfc7e3ac89b9560fbd
73e841a9b46ca6b96e6bab501c7a44f079a2a0ce1c875e66fb3b6e67aa9a41d4
7b3d857f32d0032cf03b64c8f382e306d893d0bc0fcc48e90c5f80515fa31b91
7c4c69be05f695c8e3117c12979023fe9f01e0b620d2868241c354a8435ba880
7c65245f3da4f90a4780278af1a8e303b572e2eccd4f0a1f5b77ba85b4e72e31
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7d8a62ba80817cf6cf13ead26ed2f469b59c8c3a13da1266f5a0832299ac2df8
8231eabfa9417524cb9e88af68aa1b9963d276b91f2723bdf91682312bb0d63d
82d01509b715355ad79572fb419f1f236ab3a89c1a15461abc8ec0a16d7d8cce
836f9c0bc58ea440cc9d713459ab3f0e14ea6ac65ba71e5cdc2220f10cd15ccd
85f4c746eef70df9da26152d064ae1b13c099a1fdec9ba0161b0b4166c53eb29
86d02ca303a2e48be3d9bbe8a8268c744df1394ff5c942ef391eba12ce0ffc12
884ae3125d7e320b5e661b50a28bb5a2e3e46635bb1f805424cf0f7b396587c3
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8bd485c564564fdf0155995dbdb3406aff4524b2cdf47540544b34e95bf63ce3
8da6c5e84f051ff3fb31521e001ce23fd45a1ca28a16e95a8a086c68fddb2d46
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1738d07df9f4a1839bfb03832b748068e0e908366407c93886b6e9b7ac03f5
8f473159cb80b9d27f5760e5ad8964fc283138c3ac8f0c0416c105f8b2cbc13c
903f6e82d15f3fa8988b8aa4ce6ffeb7f3e655c37ffec02b27d4c4f7fc6bc2c6
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9570a6810b00fa10fa896e31f7ee82ad5ebeb147c474875509b9c98a1f0ae132
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
997c7e1d4ca02022f240b77a3e6d37c4693d8b7566349ee2b9c81dd34f66b8d3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c6b0dc1452c13a10ef6d0abf2412cda050c2fe0b9292a631fcd21f92219cc3f
9d23ef10c622a924fa465b9b4289df8b3dc24a5fa9ffa1bb64c912adf40ce5b6
9e3656c0835ee44467b18933acd5a790954e62a5c5419fb5342020cfd867cc6d
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9edb63ed7d5acf1bc1d3f005c189fbc9741e77db2cd122f73ca576e896a3223b
9f8c5882dc3755daefb8ae805fbe6c0d657abfbe3d67efde199319e317ae7ad3
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10ab732b9ac95907a0a6d76c2a26a83b2e1fc7ac980c8fa6a480f0d0493e136
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a37a40f301678ad1af42f250ba66ab3e3e752346c0f9f9481a9bc61757881f4d
a54f0cd19d664daef6cf1f12ed80eb582690e513fbd7d09543c5edc5cea787c1
a5d8634d1b4fc2c412ae88079e9d4c72bb740ba784ac87c4ca9d841a6ceb1172
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
a7ea5aa77223af76a2c99284380cb93db9be1b5d21b39abe78e180e0b5f342a2
aae0b64917a810d217db3ce7d68b23c9d197f16b96dd5d1fc053e040bdba3da7
ab54e441d2fe5f8f5ff14217034a6b25022da83e32bf2b7d8ef9dbec2b1f2394
ac96eaff1b1f7a4928d80a5e71651098743775f719a9a3cf89fcc98fe408dfce
aefc9ba4c380ec7bfd9ac429b9260dce8005ee004d878607717b70dd8799102f
b2f514deb2e4dc548bb75b3bb4955e5240cdccc22d79dd0994f8763d2d48c912
b3637ae88eb464dd3a0c071b0fe6d96130819cfecebb04a3fcaeb7bc97a32dd4
b5ade302aa1daab6afc5562e4871d499d08932a7dd3d622c407fa758fdd4de1b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6658f07da282778e5b670a1315457f5974886a602de247195e0a1b3b5ae2aea
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bcad982f3c5aa7614f7df43719048244c010c28e8545bd16670c4368758ce91c
c11da679191630e51ca9e0fb524a4f95fda14ea9792e2f8473f52def8bb7c13b
c7697385e686dce9519e77330f96d3cb0256e3d97df2da2d3acb3d8fd66f242f
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c970dd7525ba0d0cecfec5a97022f7430d1798462cfc4ba10752229814d7ac94
c9d78f2b64adba633b19c424ec7c7a8c4a6fc7377a08b8b1a14d69660d1e12a1
cc3b15cac66ed26df4ba8d4e879fffd3cfc0923ed28d42286ad638b901fe5890
cf1f77f7331bd8b63b77608abf167b4a2c8cc08d01f1b172b618747130ea2aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d015171e02e628f51a0e83472917a264f3537a176346a7d22df291639bc4c417
d029ecc1123ab3702767fe7e49be9d65672930b71ea1ee746f3c474d66468f33
d1fc9b94ce669399f92ad9521f661527b55c951e1939a286f3079c8d450c61ae
d2a4113631407ab619ed2d9096675d776ed798768b591d8004e56476ebeac4b5
d5f6fb56bd709cade520d9c1f320ac0c5a67f5e780a36492e3e173d24fee57cc
d670d1f0a5cc226b8621d3aa4fc7e047fce3673c616ab35dca73a63f3a077803
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
dd58f587d3bb29ed96c97a0fd863c19404a661bf8822e09476481d223bb8d03c
df568d08d7bdb22aaa1d263dd2eb955a617ed6b2cf7cb81758401e470c711cd8
e04ee4133b6bc79c999130679625df1d891c439b9c6d17fbf37f698a814f02ac
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e375a13f3806757d7d1c941ca6da74f2cd31f7b9cb136381670daea1654f8833
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e6a19f2b2f817537d0f4421d2ce3a2b61db30daac4e20e55011db6229cef8431
e7c35a334a5be4d552f3c1f76eb94c1dea8503310f260a74138a4db3c86ecf00
e80390246ffdcc7dbbe4c7a449da23eb4fdac14ecd5252019d33dd5897df1d1a
ea28d5d82a36f530a0cab70e8adbfcf8f7e17dfc60a26c3906b79e3a8534b26d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2490561e9e4a14084f9c5836a0dbbfe5eebc4dc4842b68cc94e1ecf07b8da81
f336855e040cebd8d00280a3f1dca9167bea3034d743376945158c7001cd3878
f337e2c454d9d72c1bdf16eae4fb15fba66265a888ac5512338b4d97310df0d4
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f38d77da63a576489a20afba75fc8527df327d5401f3e12b3bc184c69193b5ed
f52f5e64f656100a9fbb4383bd4c9085a03ecb7f681c741eb067b8b03c307b6a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f633fb945b143cb39c08720d57c8e032163887234292c5fa1463121413f66711
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
fa1b5f216b40c2a4fb0f1fce9c3e8d3319929639b6b39f5ddb35620430bc9f08
ff920d22e55dd958202f9c1a39b190362b98431fae92175cd348daa512cc735c
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.shorouknews.com Open in urlscan Pro 62.67.203.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

96 %HTTPS

61 %IPv6

35 Domains

57 Subdomains

42 IPs

6 Countries

5337 kBTransfer

9495 kBSize

26 Cookies

15 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.shorouknews.com Open in urlscan Pro
62.67.203.100 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

96 %
HTTPS

61 %
IPv6

35
Domains

57
Subdomains

42
IPs

6
Countries

5337 kB
Transfer

9495 kB
Size

26
Cookies

238 HTTP transactions
7 data transactions