www.getnews.info Open in urlscan Pro
2606:4700:3038::6815:e9e2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getnews.info/
Effective URL:
https://www.getnews.info/
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2022, 9:03:40 pm UTC) from US — Scanned from DE

Summary HTTP 159 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 25 domains to perform 159 HTTP transactions. The main IP is 2606:4700:3038::6815:e9e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.getnews.info. The Cisco Umbrella rank of the primary domain is 710984.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time www.getnews.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	2606:4700:303... 2606:4700:3038::6815:e9e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3038::6815:e9e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80b::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.169.133 3.68.169.133	16509 (AMAZON-02) (AMAZON-02)
3 20	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6 8	184.87.213.8 184.87.213.8	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
159	33

8 2606:4700:3038::6815:e9e2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

getnews.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.getnews.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:e9e1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.getnews.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.169.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-169-133.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.87.213.8 (Milan, Italy) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.23 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	452 KB
37	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 ad.doubleclick.net — Cisco Umbrella Rank: 202 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	145 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	522 KB
13	getnews.info 2 redirects getnews.info — Cisco Umbrella Rank: 703423 www.getnews.info — Cisco Umbrella Rank: 710984	200 KB
8	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	8 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	84 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672	85 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	208 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	2 KB
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 598	823 B
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	549 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1128	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 568	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	375 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	646 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
159	25

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	www.getnews.info pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
14	static.criteo.net	ads.eu.criteo.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.getnews.info www.googletagservices.com
11	www.getnews.info	www.getnews.info
6	fonts.googleapis.com	www.getnews.info cdnjs.cloudflare.com googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	pix.eu.criteo.net	ads.eu.criteo.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	d.agkn.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	getnews.info	2 redirects
1	pixel.everesttech.net	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.getnews.info
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
159	38

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.getnews.info/
Frame ID: FF6FB1ABE47FB7FF64DD1612CE61F292
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258
Frame ID: 5741DD000C1DCC08C08E27DAC8CCEC89
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=158082098&adf=3015956940&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415610&bpp=4&bdt=885&idt=240&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9614642022&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V0yFQcapPD&p=https%3A//www.getnews.info&dtd=243
Frame ID: 1F565A7FCA7619B20EF5A15F78959E67
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUcYIFWOwAA5ZNgFVLvinQcrqYGdL1g&u=%7CBodtjfLdCc20EalGqhzhqVHJmFTy2hjAmTGXDMJ%2BQ%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sqh6MH5y1EeF5olEn5IZ8OAHDXjJpQ_SpXTeoOqVWJZgiAwoMCcVOiopScDjlFRxMMFMUlzOPEYZxN9_gBxPofUh8I1cm5edNgJcSZJRnOC-uqJ9P1idlEavZziXnuJ-mw3DbyScdQF2xrSoeALVi8lb6kRrZDRtaSK_kTO3W51sfYWtYTmSzIOTeXsEN8Eri1FQX_0AsZ99XjoCI-r63d_GvHPocs62J_XHurKUElKIiCotQAUD9zV4FBDHPq4XaF3AX8CUcyKI4LFlVWywkp5ZViMu49CiJsRey779Ca0T7Np_397TvNcNpswWTAjWpezRDWlEUaFr0XzgdSwqh9J_fzloUs_Uf6nYbOI5s0azmxoOxD3krIdCNOdQqm4Ioo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB4mhKKWKYsajAbDH1fAPtrK5iATJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoEzQFP0HPpn3jdsPddV8-I5Rimg6v87XVgOXNoxF7gN9V9PeAY4j2uJFGXexHDWqSlk0_Na25UCJresG9BGJbPI5HAXxXvClJRyXQ5pO8kKwneH466EvURa3PnbBjPt5hNDOTcK6fZIT2Z0AHsmJIH-vzV5T2UfWP6UhlTl1SuaeI43_TnQRwgymzv4KKad23AP4yBFgsaxOUE8F-F5hD-lIKIUBnEry1J-Wlwh6JGpiXh1RKQbGFkRX0IZkLPx2XFaopV51BHBy5X00dpdd5RgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37aSz8eZxryN80Fp_NyKstiiZhUA%26client%3Dca-pub-7737704120074777%26adurl%3D
Frame ID: F182B1ABBAA9C1D7DBFDAC06E744A49B
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUBAIFWaaAAE091bnsLf1nNFZS82vqQ&u=%7CBodtjfLdCc03LK6tCHyFGRibmvyMzhprPD9QNbW9B1o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sp0NgUVY9_DIVJWBpL52skxPPtWG0YiIinIdE4Xmjjo_kdN8E5bxIXTcJ2JOb1F4RWHGDN0B9hViwF_1BNIXx6N5hE-HcDUiIAckjcUSV02uDY1PZ5EST188PoKqWoCUvehdoQjJQCowacrKhpFh6TI4Wb8DeB6sB5XbSK36cgf09Xfi6wCQWcUpEG6DMwj_WtplG9ePhTtr8KDUCxuNjuOY5jyYCJa3EOdIwiQQbBM6JrxMeaMjWuNr5RikVNVALakKHWjzcgDi4x_t2_JFQ1zGmB9L89Pl7EtgJiwK2gADpijS-CWzQaSHD5Dka6XFG2NS1VSw3nVnHIIv9WcuIvltg7Xh5usSGh6q6r1dxicwoW4-DuE3uAum8zrm7uVB20&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL9YEKKWKYpCgAZrN1fAP9-mE0AXJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoExwFP0ANi5A9Zs_xQd8HCnTcXGSa4_e6HT8be6y9dzOgkuDacAVbhyOtfHbBB0uIpKBlDNEGaaolvpcDb0ZwFBUPTeiTz7sz5raDHCIZix6CT7VS1E8vCh_knR36KUYZ_5t961vGez3o-xL71mEzo0ETDa4n8j2EVUxp0L1RU55-08HQ6lPYfEbfI6Qdq53c1TWL5MSUPeOEE-YlbOoOiu3u_A9mfuSCSql78l6IvuUs9nm1l0rOoeGygw4el5qoY4XQqQeNFOJcKgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZAyHaGud7wnO_a6WdPrl9vcoSww%26client%3Dca-pub-7737704120074777%26adurl%3D
Frame ID: 2A1F130DE38A8BB12F6EDC365BD2B3AD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 6131684BEEF5286F83FC0ABD7FC2EB8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&adk=1812271804&adf=3025194257&lmt=1653253417&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.getnews.info%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253416999&bpp=2&bdt=2273&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_slotnames=9614642022%2C9614642022&nras=1&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=20
Frame ID: 4311B761DB4AB1D18118D37B29B0C798
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FF85F1D1378A252D1BDAF5284C746B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 911E344EAD1D746B704D35C1BDB38B71
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
Frame ID: 78469F1684DE09AB6DA2DE77C9B7D9B9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: E6F86C01A423CC78A0CBCFA22348238B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: C56854514C4B8C9F07617F489E2C4C53
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3119C6985235A70F7F1F4499DD59BCFA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80AFAAFAE6AD960782F2D9CEE99DA200
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49AB8024500F0E1835F87693B60406AC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: CA9B07E448833AD4D3626C63FDD0970A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Frame ID: ACBE884CCACAF76318065BD9030108C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYnuadygEwAQ&v=APEucNVQkaCeRe56P8Kwr-kYzvK_uBs8qfIT7CD6CH5M7ae2ckzYOKxFNOifhJ9jXPgU1Cd4MyB0muIKJJfuWKmLohSssLOdjZgYg02eEQj1PAzmar80jAyxUfz3KNz1OroUhDAY7H8IFJSe8_nM0Y7CyTx2KoClZTzwG5ich3VkfGOPY9BLBvg
Frame ID: 71BB96CC3E591B2CE61CD426CE9165B3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4863AA8506A09E069C10B61658E8FE79
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B3A17E10E86456A8C75FAA730336FB4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get NewsGet News

Page URL History Show full URLs

http://getnews.info/ HTTP 301
https://getnews.info/ HTTP 301
https://www.getnews.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

159
Requests

88 %
HTTPS

61 %
IPv6

25
Domains

38
Subdomains

33
IPs

6
Countries

1831 kB
Transfer

3919 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getnews.info/ HTTP 301
https://getnews.info/ HTTP 301
https://www.getnews.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_pre=COT9w_WA9PcCFZ2Wdwod0g8Dlw;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 110

https://d.agkn.com/pixel/2175/?google_gid=CAESECG_rkL5lSM3hlyOxSvEDwY&google_cver=1&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ

Request Chain 113

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2hqHJ4jX-6Nj8UIDIqnB7myXSk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESTEtSy1MNklE&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2hqHJ4jX-6Nj8UIDIqnB7myXSk

Request Chain 114

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5GvqkfjAasjPbQaKkxYYySP2QOYGyg1t2IPbAWQka_6o-jEQGBSU49vsa7AoMXriSQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5GvqkfjAasjPbQaKkxYYySP2QOYGyg1t2IPbAWQka_6o-jEQGBSU49vsa7AoMXriSQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5GvqkfjAasjPbQaKkxYYySP2QOYGyg1t2IPbAWQka_6o-jEQGBSU49vsa7AoMXriSQ

Request Chain 118

https://d.agkn.com/pixel/2175/?google_gid=CAESECG_rkL5lSM3hlyOxSvEDwY&google_cver=1&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ

Request Chain 119

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL5FGuk7SytzFNCaT_KTgv2__Cq8QuBedXCueQIYHwwK2EKMqt2j3-si4rxvVUqXztMYzcobLK7Ro_oVyFqb2er10lC72w&google_gid=CAESEPAcnu9c2RwhHNs26sXO42Q&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKnKqpQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBMNUZHdWs3U3l0ekZOQ2FUX0tUZ3YyX19DcThRdUJlZFhDdWVRSVlId3dLMkVLTXF0MmozLXNpNHJ4dlZVcVh6dE1ZemNvYkxLN1JvX29WeUZxYjJlcjEwbEM3Mnc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWHpGWTByZV9DR2JzYnRSbEtDMkpnazBUbGIwZ1RIODA4YzZNUUNVajZNVQ==&google_push

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECxwfWNwfSvntYaIxcQh12A&google_cver=1&google_push=AYg5qPKYwbOCx2G_rTyoqzXeOTMXOk2iODYP74cqFLVVeu4m2WINL6LzubFedBVJbA6fDaoWv9Z81-S3HV4LOxgS67iahvYRp6M HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECxwfWNwfSvntYaIxcQh12A&google_cver=1&google_push=AYg5qPKYwbOCx2G_rTyoqzXeOTMXOk2iODYP74cqFLVVeu4m2WINL6LzubFedBVJbA6fDaoWv9Z81-S3HV4LOxgS67iahvYRp6M&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-Z_TwzVGTfyxdJAAgGj_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKYwbOCx2G_rTyoqzXeOTMXOk2iODYP74cqFLVVeu4m2WINL6LzubFedBVJbA6fDaoWv9Z81-S3HV4LOxgS67iahvYRp6M

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3wYI1EWfclLrrURK00R9cTMOI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESU0tMVQtOTJFUg==&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3wYI1EWfclLrrURK00R9cTMOI

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWcuLOk_xYw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWcuLOk_xYw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKs323CAfypJri0q8IAAABGcAAAIB&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWcuLOk_xYw&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoqlKgbGi4n9vAKIMtj4iwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEapHNSfafhFFiBWB8dIHHI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEapHNSfafhFFiBWB8dIHHI%26google_cver%3D1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTQ0MDUyNTExODI4NzQy

Request Chain 149

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDETJRiTUtjZn1wHaENUNlc&google_cver=1&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU3vNiMd4aIDPUNXzd1rBqNBKxP0Z44Je5b7BObRXg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU3vNiMd4aIDPUNXzd1rBqNBKxP0Z44Je5b7BObRXg&google_hm=oriRQXldlQR34tsxYjPbtg

Request Chain 150

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqHVkwC70kLFJzV-TK4GHFK_j7wNLWK5bKGqomtA3s_KIzffiT4vmVlIKrE&google_gid=CAESEO7S77G5M_Br9bLtcIP8E5g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9xbEtnQUFCVTVFYUVLVQ&google_push=AYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqHVkwC70kLFJzV-TK4GHFK_j7wNLWK5bKGqomtA3s_KIzffiT4vmVlIKrE

Request Chain 153

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECxwfWNwfSvntYaIxcQh12A&google_cver=1&google_push=AYg5qPKONnjJdby2GYHaNyrEIIjyZ8tza6HzuWB96uF7ueqVMqgqPk6CD_vpBPxmm11w7cWyJYvsIpysu_joB5IOfpuq3O3mRA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECxwfWNwfSvntYaIxcQh12A&google_cver=1&google_push=AYg5qPKONnjJdby2GYHaNyrEIIjyZ8tza6HzuWB96uF7ueqVMqgqPk6CD_vpBPxmm11w7cWyJYvsIpysu_joB5IOfpuq3O3mRA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufQCfb3rSoabxK1RyuqbvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKONnjJdby2GYHaNyrEIIjyZ8tza6HzuWB96uF7ueqVMqgqPk6CD_vpBPxmm11w7cWyJYvsIpysu_joB5IOfpuq3O3mRA

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQYV4WJ7OoHHug9m7hAl0fApsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VEVFUtMVQtNFQ4NQ==&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQYV4WJ7OoHHug9m7hAl0fApsw

Request Chain 155

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&google_push=AYg5qPKcRgoW_PKAQE1eG38PfrJIOopt25gfriPKdckGiYjx4ICDaf6AkCdXXYqLfFd-FLu-PFfrutyHfcHzABDu2pWpgv-0sdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPKcRgoW_PKAQE1eG38PfrJIOopt25gfriPKdckGiYjx4ICDaf6AkCdXXYqLfFd-FLu-PFfrutyHfcHzABDu2pWpgv-0sdg

159 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.getnews.info/
Redirect Chain

http://getnews.info/
https://getnews.info/
https://www.getnews.info/

98 KB
24 KB

693ms
682ms

Document
text/html

2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16fbf388b4fc3af276d5ecb0e2e6caaeea8b4af46e001b5d65c80d25faa7866

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70f87fcddb3f073a-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 21:03:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.getnews.info/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYOlMMUims%2FlWK8Io7XVqMUFEueQp0GWaD8LXKXgSY4Bceoi0QHSBXsLty%2FgQOjhodC0mNMg7ff%2BLvBHqekNLL41KwHlJWxhGIlxsZ0SNnjCkO4AnnFM4IQdnOYgS0AHq2st2VO5cQNq%2BYSXvGYC"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f87fca9e81073a-LHR
content-type: text/html; charset=iso-8859-1
date: Sun, 22 May 2022 21:03:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.getnews.info/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAd4Djw2l8vXSsq5M019CT%2BnceW5VYc97KkOTyxNiygu0Ip4PTQeQAmJnZCLSlcoRwrtEeTBHaI93JwDmK5JRC%2FNjEil9cGRIaUkSNbE9glq2DSduk9BNAiG3BVgf%2BbW5XkbgwxTKI9XI6Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 wp-emoji-release.min.js Show response
www.getnews.info/wp-includes/js/ 18 KB
5 KB 513ms
511ms Script
application/javascript 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 12 Sep 2021 14:29:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga5h4D1OaMGg5NGmUseTGcVVsH4u9lgAUkQiPC1QgSRCZyBThjoVYZgj9b7zaBH7BjdV4bQ4%2B%2F4PmYO2h71BLEmX8rCAlHiWI3udPJT%2FRD6UkmBr%2B7RzUwwmHAD7p5Q61PTdGxywIrdh0wUILaa%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd36bc7073a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
www.getnews.info/wp-includes/css/dist/block-library/ 81 KB
12 KB 598ms
597ms Stylesheet
text/css 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Mar 2022 13:23:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ycv%2FrzhLz1aaywNIWJFD4DWv9aS1c22xmrpu0uXk2PHdcxD6PVAxT04MhqzBYwL1zY%2F8wInjPxWyRB5HFgx9dHKsmOpz3IxHoGTYeUpE2T%2FJrxS414BcBsWZlxiv7KWw5tOXPX2orqh0zAr2bKlw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd36bc9073a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 143ms
54ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9571d6c0233b0d55c5a3d946fd8ca78c72114a0850d9ff48acccbe69dc3b8903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 20:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:35 GMT

GET
H2 200 style.css
www.getnews.info/wp-content/themes/getnews/ 91 KB
18 KB 530ms
529ms Stylesheet
text/css 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-content/themes/getnews/style.css?ver=5.9.2
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea3d9c276488f4645e84b2c004a5221ee0abb79acd6273c833f70f73a52ea08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Mar 2021 03:25:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueg0ug2z4kq%2BaMIrI0ZPuJuO%2B84xn50J8q1Se%2F0ho0ayel%2BsU5K3fgPZdxMCsSzqoGWVhj4qR1XYNRS6Xl7zO%2BvX6I5aZlW6wREwYt7GE1%2BQu6Uwo%2FiM3W9CeKfXWty1a%2FH3%2F%2FV%2F7CC%2BaTLTkTb1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd36bca073a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.getnews.info/wp-includes/js/jquery/ 87 KB
32 KB 499ms
498ms Script
application/javascript 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 12 Sep 2021 14:29:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3SYWZMhgWXKDiJixeqfrG6%2BvVzHHohiAd%2BcdXu8GsdP%2Fmnvhha4uBUgLVvzIgQIQdFKpS2a4b7fqmLnl68rr3pIlqYDZTrtunDR7%2F0V4GQ7RT8un44l1Npl4LK6mQA%2BmRBuFNvByuHZLrRLUdQ4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd36bcc073a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.getnews.info/wp-includes/js/jquery/ 11 KB
5 KB 58ms
58ms Script
application/javascript 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 May 2021 00:09:44 GMT
server: cloudflare
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6Jrj4drU8OkrBDl4HWFYggG1iu21dOg8B2WgX5StwfcOLW0H3pqxLJXolrDuVpw%2FD5BHbKxj%2FseAXEcC6nXv15VWS%2B8Izvzji4ev5%2BGmIQ5EC%2FOnvr4nmnGT6DT8Mvsgmh9KuYNZIdftthJcm2g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd36bcd073a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 131ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47275228-1

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c78238de1ae2075cab11bb66e73e1aa82f8357532868cf38ae3ff6c9ea1dccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39161
x-xss-protection: 0
expires: Sun, 22 May 2022 21:03:35 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 113 KB
40 KB 141ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b599ef45d134305b3d6189bcde1c5493165a52eb7d10a328eaa150f7cd08105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39954
x-xss-protection: 0
server: cafe
etag: 8905458479046373827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 21:03:35 GMT

GET
H3 200 skip-link-focus-fix.js Show response
www.getnews.info/wp-content/themes/getnews/assets/js/ 683 B
937 B 62ms
61ms Script
application/javascript 2606:4700:3038::6815:e9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-content/themes/getnews/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2016 15:41:32 GMT
server: cloudflare
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgyipeokzqPTp%2BXlnQVMsvSsnghJGdw34CI7j%2BhmqV94XsXrguNgskL7Hf7BQ5KPX6fqGFl8aW%2BfTmIEH19sBrqMUezRQG5gTQMuFyB6Ni2zOAYDX5vMC61S4K6Z5ZABCHjkqXwWPOFt96suWPYF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd4197772c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navigation.js Show response
www.getnews.info/wp-content/themes/getnews/assets/js/ 4 KB
2 KB 502ms
500ms Script
application/javascript 2606:4700:3038::6815:e9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-content/themes/getnews/assets/js/navigation.js?ver=1.0
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Dec 2016 07:44:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzZLAPvgHcKbFjZqU2ZXSOBsVeQpSIZR%2FoVWx%2BkO49bONzu%2BwjfHNNNARwAp%2FzzX3qdwaJIP8HxE65sgypRFEsIedt6QfnVVJ6tGadtx54qGHQLNhNK4orzml8ivnvxEZp6fuNAespyWoKnJFTQH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd4197c72c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 global.js Show response
www.getnews.info/wp-content/themes/getnews/assets/js/ 8 KB
3 KB 509ms
507ms Script
application/javascript 2606:4700:3038::6815:e9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-content/themes/getnews/assets/js/global.js?ver=1.0
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 02 Dec 2016 09:20:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBThWrol8nShuYLown1Y3hYkrDWEfOK51xOt9nu0tzNDhLndrs15tOLtWsdefAJiWsDyq%2FYluERkcUh3PUZYb88hsYkaMXY8b5QPfvTtF8JXbdBHTNgwUq86rL0hexQQNohXNLkS0wsSbvOWHKMx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd4198072c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.scrollTo.js Show response
www.getnews.info/wp-content/themes/getnews/assets/js/ 6 KB
3 KB 522ms
520ms Script
application/javascript 2606:4700:3038::6815:e9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.getnews.info/wp-content/themes/getnews/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Oct 2016 08:12:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gNsK5zGay7yiioPVZyOeqnZdOtDdYqPQ6Cx4wU468VTUOFkS811BrojJzgDU2Fx2zsYCmn8Si32ojkbOGwrJckU%2BRStePhvJ4a9BlSuReLNX9yAI1OB4pO6YPwM4DTm7NZseiNvTn%2BksxqFXFoa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70f87fd4198372c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg-header.png
www.getnews.info/wp-content/themes/getnews/images/ 95 KB
96 KB 608ms
608ms Image
image/png 2606:4700:3038::6815:e9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.getnews.info/wp-content/themes/getnews/images/bg-header.png
Requested by: Host: www.getnews.info
URL: https://www.getnews.info/wp-content/themes/getnews/style.css?ver=5.9.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896f1b327c96443e3a5c8ba1122fd03883ed064d705ebef41da9b3547fb0e4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/wp-content/themes/getnews/style.css?ver=5.9.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Nov 2013 04:06:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI%2BQ2Ai4n19o5TlAplsCycZ08UMsocXwZGsrUvPm78%2BZc7H51wTF%2FJIAAadVs8vD07N5zX0Zyi2DAH%2FZqx%2BGjB1hGvviqftHAksD%2B6dwY5f2L%2FAbidBRlzMIj7sgpDZ3rtD1W%2Fzp6FUOmHwgK30k"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70f87fd74f2372c7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 97690

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v12/ 27 KB
27 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v12/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.getnews.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:25:28 GMT
x-content-type-options: nosniff
age: 445087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27240
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:25:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 310 KB
111 KB 140ms
64ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7737704120074777&plah=www.getnews.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d299a969e1ba8a952652362a480f80d0e8d89d6917e6b162f8220f88d9270970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113360
x-xss-protection: 0
server: cafe
etag: 17458397974093805954
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 21:03:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47275228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2667
date: Sun, 22 May 2022 20:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 22:19:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 196ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.getnews.info&callback=_gfp_s_&client=ca-pub-7737704120074777

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7737704120074777&plah=www.getnews.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b2388ae06291f924112e1a26f544afce14e266a01d73edf9bd501e009f5904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 196ms
46ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 209ms
61ms Script
application/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5741 23 KB
10 KB 419ms
279ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

672c82ac45f895a1f8c8d1be46a0b3ba277bb391d17d3e60c832d681c70885fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9808
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:36 GMT
expires: Sun, 22 May 2022 21:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F56 23 KB
10 KB 377ms
249ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=158082098&adf=3015956940&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415610&bpp=4&bdt=885&idt=240&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9614642022&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V0yFQcapPD&p=https%3A//www.getnews.info&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cabc8ea77f53d1f458b7f8e3ecf68a4169d89fe5fdbfd6b53963b15e89f4db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9829
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:36 GMT
expires: Sun, 22 May 2022 21:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 163ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1062218742&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getnews.info%2F&ul=en-us&de=UTF-8&dt=Get%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1561965569&gjid=1270788332&cid=1890701765.1653253416&tid=UA-47275228-1&_gid=1787172236.1653253416&_r=1&gtm=2ou5b0&z=1055788975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.getnews.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.getnews.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 1F56 3 KB
1 KB 186ms
83ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=158082098&adf=3015956940&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415610&bpp=4&bdt=885&idt=240&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9614642022&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V0yFQcapPD&p=https%3A//www.getnews.info&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:58:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 1F56 17 KB
8 KB 183ms
80ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:03:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F56 135 KB
42 KB 197ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F56 0
0 165ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm-cQKKWKYsajAbDH1fAPtrK5iATJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoEygFP0HPpn3jdsPddV8-I5Rimg6v87XVgOXNoxF7gN9V9PeAY4j2uJFGXexHDWqSlk0_Na25UCJresG9BGJbPI5HAXxXvClJRyXQ5pO8kKwneH466EvURa3PnbBjPt5hNDOTcK6fZIT2Z0AHsmJIH-vzV5T2UfWP6UhlTl1SuaeI43_TnQRwgymzv4KKad23AP4yBFgsaxOUE8F-F5hD-lIKIUBnEr29L2Pv3CD5VGbn1dsKtypltUXe-bGzXRdENVyynWE5rH6v9V1TWgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzczNzcwNDEyMDA3NDc3NxgA&sigh=mecwiq_P0xs&uach_m=[UACH]&cid=CAQSGwCNIrLMOt_RsCqqL1wAYgRTDTdIBORHPErjgxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=158082098&adf=3015956940&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415610&bpp=4&bdt=885&idt=240&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9614642022&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V0yFQcapPD&p=https%3A//www.getnews.info&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 21:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 1F56 0
0 258ms
44ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKHiEt2BMKwC-gGdg2ICAgAAAAMTT3HzvCM5ECelimKihztbDQ8ivkWN9AASAAA&wp=YoqlKAAAUcYIFWOwAA5ZNgFVLvinQcrqYGdL1g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
server: Kestrel
server-processing-duration-in-ticks: 292205
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F182 121 KB
42 KB 228ms
128ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUcYIFWOwAA5ZNgFVLvinQcrqYGdL1g&u=%7CBodtjfLdCc20EalGqhzhqVHJmFTy2hjAmTGXDMJ%2BQ%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sqh6MH5y1EeF5olEn5IZ8OAHDXjJpQ_SpXTeoOqVWJZgiAwoMCcVOiopScDjlFRxMMFMUlzOPEYZxN9_gBxPofUh8I1cm5edNgJcSZJRnOC-uqJ9P1idlEavZziXnuJ-mw3DbyScdQF2xrSoeALVi8lb6kRrZDRtaSK_kTO3W51sfYWtYTmSzIOTeXsEN8Eri1FQX_0AsZ99XjoCI-r63d_GvHPocs62J_XHurKUElKIiCotQAUD9zV4FBDHPq4XaF3AX8CUcyKI4LFlVWywkp5ZViMu49CiJsRey779Ca0T7Np_397TvNcNpswWTAjWpezRDWlEUaFr0XzgdSwqh9J_fzloUs_Uf6nYbOI5s0azmxoOxD3krIdCNOdQqm4Ioo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB4mhKKWKYsajAbDH1fAPtrK5iATJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoEzQFP0HPpn3jdsPddV8-I5Rimg6v87XVgOXNoxF7gN9V9PeAY4j2uJFGXexHDWqSlk0_Na25UCJresG9BGJbPI5HAXxXvClJRyXQ5pO8kKwneH466EvURa3PnbBjPt5hNDOTcK6fZIT2Z0AHsmJIH-vzV5T2UfWP6UhlTl1SuaeI43_TnQRwgymzv4KKad23AP4yBFgsaxOUE8F-F5hD-lIKIUBnEry1J-Wlwh6JGpiXh1RKQbGFkRX0IZkLPx2XFaopV51BHBy5X00dpdd5RgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37aSz8eZxryN80Fp_NyKstiiZhUA%26client%3Dca-pub-7737704120074777%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

afcf8cb9d6da5bbc01d855c13b70df8b591f8b6c9a86ae164356dfdc34a0ad08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5NQJu_kZ6-JVDcIR1wh5JaRugJcYYjLCoaYndMnp5Ujf8D161nC87INPLR-xXN_U59zeTzSpH7DEQ9ivQOhyyiJKWH8o1vJOHX_-UprlXr1I9kKHSRncqIWsnttTDbV586RDlXjZYApym1h_fT10O3Ktb9s-7F3gq3_V7XmFa35SyHP0VLtgVVXo4H0IdaohbCrGic5cpaNA5_d8Kgme7pESywsYxdz7qOIDoO1v4bcMWGVrt0Z4h17-_l_4j1zJpvnc9A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 21250473
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5741 0
0 154ms
98ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbzQNKKWKYpCgAZrN1fAP9-mE0AXJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoExAFP0ANi5A9Zs_xQd8HCnTcXGSa4_e6HT8be6y9dzOgkuDacAVbhyOtfHbBB0uIpKBlDNEGaaolvpcDb0ZwFBUPTeiTz7sz5raDHCIZix6CT7VS1E8vCh_knR36KUYZ_5t961vGez3o-xL71mEzo0ETDa4n8j2EVUxp0L1RU55-08HQ6lPYfEbfI6Qdq53c1TWL5MSUPeOEE-YlbOoOiuzm9IksYNryBFcLoNHISH7M0imfT2J2w-tho_iFXWbQ0-fGAxfD6gAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzczNzcwNDEyMDA3NDc3NxgA&sigh=A_E8-QQgnro&uach_m=[UACH]&cid=CAQSGwCNIrLMz2KFzssXdLHw0Xlmdb5BRdP_bNBiixgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 21:03:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5741 0
0 166ms
51ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKHiEt2BMKwC-gGdg2ICAgAAAAMTT3HzvCM5ECelimL-dITl_wS2V6SRKwASAAA&wp=YoqlKAAAUBAIFWaaAAE091bnsLf1nNFZS82vqQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 298234
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2A1F 122 KB
43 KB 137ms
61ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUBAIFWaaAAE091bnsLf1nNFZS82vqQ&u=%7CBodtjfLdCc03LK6tCHyFGRibmvyMzhprPD9QNbW9B1o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sp0NgUVY9_DIVJWBpL52skxPPtWG0YiIinIdE4Xmjjo_kdN8E5bxIXTcJ2JOb1F4RWHGDN0B9hViwF_1BNIXx6N5hE-HcDUiIAckjcUSV02uDY1PZ5EST188PoKqWoCUvehdoQjJQCowacrKhpFh6TI4Wb8DeB6sB5XbSK36cgf09Xfi6wCQWcUpEG6DMwj_WtplG9ePhTtr8KDUCxuNjuOY5jyYCJa3EOdIwiQQbBM6JrxMeaMjWuNr5RikVNVALakKHWjzcgDi4x_t2_JFQ1zGmB9L89Pl7EtgJiwK2gADpijS-CWzQaSHD5Dka6XFG2NS1VSw3nVnHIIv9WcuIvltg7Xh5usSGh6q6r1dxicwoW4-DuE3uAum8zrm7uVB20&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL9YEKKWKYpCgAZrN1fAP9-mE0AXJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoExwFP0ANi5A9Zs_xQd8HCnTcXGSa4_e6HT8be6y9dzOgkuDacAVbhyOtfHbBB0uIpKBlDNEGaaolvpcDb0ZwFBUPTeiTz7sz5raDHCIZix6CT7VS1E8vCh_knR36KUYZ_5t961vGez3o-xL71mEzo0ETDa4n8j2EVUxp0L1RU55-08HQ6lPYfEbfI6Qdq53c1TWL5MSUPeOEE-YlbOoOiu3u_A9mfuSCSql78l6IvuUs9nm1l0rOoeGygw4el5qoY4XQqQeNFOJcKgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZAyHaGud7wnO_a6WdPrl9vcoSww%26client%3Dca-pub-7737704120074777%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a3d071811110f9a46ff8f7da8c77f2bd62580fbc0e1cd011567317c0b73c305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nEfnV_kZ6-JVDcIRrNDhFmjlRdr2P5VvC2kMSCFLRl_yjWZNOYHjbQrsAmO5kW6k5Iu_6vEGwMh_Y_D8IGNSNv8dtRTsnmRZX9zzgndMN5SrNS4fRSbXFabjDKe7AZfG9xFwMQhSTak2OId-tIVS0kjtsVKDbWcm38bsheiLVMpVI9IvQGaP6TJzrEGd_0IHet9jDnxTDPT4hBtW4Ex4kAsVWTyc7VjF0ElcccYN58ZvX_WATzeUXU-shE3RwByiWUZ3uA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 19909426
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 5741 3 KB
1 KB 160ms
85ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:58:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5741 135 KB
41 KB 206ms
131ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 5741 17 KB
7 KB 156ms
82ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=250&slotname=9614642022&adk=2264210614&adf=3986677884&pi=t.ma~as.9614642022&w=300&lmt=1653253415&url=https%3A%2F%2Fwww.getnews.info%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253415582&bpp=27&bdt=857&idt=241&shv=r20220518&mjsv=m202205170101&ptt=5&saldr=sa&abxe=1&correlator=4182628816803&frm=20&pv=2&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=225&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&pvsid=358399777369114&pem=458&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zeEJxsvLTG&p=https%3A//www.getnews.info&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:03:07 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2A1F 2 KB
1 KB 139ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUBAIFWaaAAE091bnsLf1nNFZS82vqQ&u=%7CBodtjfLdCc03LK6tCHyFGRibmvyMzhprPD9QNbW9B1o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sp0NgUVY9_DIVJWBpL52skxPPtWG0YiIinIdE4Xmjjo_kdN8E5bxIXTcJ2JOb1F4RWHGDN0B9hViwF_1BNIXx6N5hE-HcDUiIAckjcUSV02uDY1PZ5EST188PoKqWoCUvehdoQjJQCowacrKhpFh6TI4Wb8DeB6sB5XbSK36cgf09Xfi6wCQWcUpEG6DMwj_WtplG9ePhTtr8KDUCxuNjuOY5jyYCJa3EOdIwiQQbBM6JrxMeaMjWuNr5RikVNVALakKHWjzcgDi4x_t2_JFQ1zGmB9L89Pl7EtgJiwK2gADpijS-CWzQaSHD5Dka6XFG2NS1VSw3nVnHIIv9WcuIvltg7Xh5usSGh6q6r1dxicwoW4-DuE3uAum8zrm7uVB20&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL9YEKKWKYpCgAZrN1fAP9-mE0AXJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoExwFP0ANi5A9Zs_xQd8HCnTcXGSa4_e6HT8be6y9dzOgkuDacAVbhyOtfHbBB0uIpKBlDNEGaaolvpcDb0ZwFBUPTeiTz7sz5raDHCIZix6CT7VS1E8vCh_knR36KUYZ_5t961vGez3o-xL71mEzo0ETDa4n8j2EVUxp0L1RU55-08HQ6lPYfEbfI6Qdq53c1TWL5MSUPeOEE-YlbOoOiu3u_A9mfuSCSql78l6IvuUs9nm1l0rOoeGygw4el5qoY4XQqQeNFOJcKgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZAyHaGud7wnO_a6WdPrl9vcoSww%26client%3Dca-pub-7737704120074777%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2A1F 2 KB
1 KB 139ms
46ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2A1F 308 B
636 B 178ms
89ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2A1F 293 B
621 B 134ms
46ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2A1F 43 B
348 B 137ms
42ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ey5i3fRFLXz2GZmpuOTjB8qKNfkMWQxZsZ4yWvtHaMq72Ouquy7cpLm58a2Mu3UOJBo_F4Sd2tFaCEitMyx3YoDbaKE8GaYSmhGUxzhs2DzC3LoVbx2Fnn0Ozu8N1pPZA7-y5dlMW4yRwwSKUAnWD_Anex2BikC2ttCMrbFWcCu1uMvKpsOW0RMq54-XHxC0alZZ_S_Gp324P0lrW_TIJFfejeNiVQfULS3F973EW6v6Rpu106hIuxTJRe7bUsFipTG0ZCKbvkokqb5wzMESYAY4fksl8dy5QvoorSTIn9zdYgP4dhzUptQ2l4jtdw3cNuzvDy9TMq8GnSG-zgc0r0X9N4EYlc8D0wfBKCNMau3tvSTdB6LZRWxw3v30pMjssQ-iDEuseOV4UQy2LQlPTCGTl-D9ESDqZ0l37hByKRGzgkXeUPuF-lAzE8On8ZWcm_lT5g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:36 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3277603
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2A1F 12 KB
5 KB 124ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2541693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvM8Txnf0L3RKSUNkAhEL1YkjgGW1h%2BPL0k2JsECTIVoDQgYKuDENZHP4sHZ%2BhXHSLamlJovg%2F7dhAvnbAlcWcfoVOqLf5okU4GrT11JfoBeeQSQvzroDwAld2T5pOggaqW8glv0wQPlwkCeaRfooiby"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f87fdd7f71917a-FRA
expires: Fri, 12 May 2023 21:03:36 GMT

GET
DATA 200
OK truncated
/ Frame 1F56 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94787832cd91fc7be01b051ba1ce59194fc5ae342393f9d25f46cbe51d5c2e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2A1F 12 KB
6 KB 112ms
46ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2A1F 160 KB
160 KB 290ms
82ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Faa55876514c94169bf39e1815703315f_1200x628_native4.jpg&v=3&s=_RYE5pYSASmEaCJ5kMG7Ro97

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30618658
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163870
expires: Fri, 12 May 2023 06:14:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2A1F 8 KB
8 KB 282ms
75ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Fb83bfc8b893c4a6b8ba22b57f80d9ac2_webp.net-resizeimage_%281%29.jpg&v=3&w=596&s=wFxYWyFEykWmmbbmGplS2B6l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

beed3c7b010dd94e0d869802272cf75b8b097b162550a393c54828fa508f26d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30611858
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7698
expires: Fri, 12 May 2023 04:21:15 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2A1F 0
128 B 158ms
46ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=nEfnV_kZ6-JVDcIRrNDhFmjlRdr2P5VvC2kMSCFLRl_yjWZNOYHjbQrsAmO5kW6k5Iu_6vEGwMh_Y_D8IGNSNv8dtRTsnmRZX9zzgndMN5SrNS4fRSbXFabjDKe7AZfG9xFwMQhSTak2OId-tIVS0kjtsVKDbWcm38bsheiLVMpVI9IvQGaP6TJzrEGd_0IHet9jDnxTDPT4hBtW4Ex4kAsVWTyc7VjF0ElcccYN58ZvX_WATzeUXU-shE3RwByiWUZ3uA&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 21:03:35 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2A1F 2 KB
1 KB 142ms
89ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2A1F 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F182 2 KB
1 KB 65ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoqlKAAAUcYIFWOwAA5ZNgFVLvinQcrqYGdL1g&u=%7CBodtjfLdCc20EalGqhzhqVHJmFTy2hjAmTGXDMJ%2BQ%2BU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx5xjFAs8p4Sqh6MH5y1EeF5olEn5IZ8OAHDXjJpQ_SpXTeoOqVWJZgiAwoMCcVOiopScDjlFRxMMFMUlzOPEYZxN9_gBxPofUh8I1cm5edNgJcSZJRnOC-uqJ9P1idlEavZziXnuJ-mw3DbyScdQF2xrSoeALVi8lb6kRrZDRtaSK_kTO3W51sfYWtYTmSzIOTeXsEN8Eri1FQX_0AsZ99XjoCI-r63d_GvHPocs62J_XHurKUElKIiCotQAUD9zV4FBDHPq4XaF3AX8CUcyKI4LFlVWywkp5ZViMu49CiJsRey779Ca0T7Np_397TvNcNpswWTAjWpezRDWlEUaFr0XzgdSwqh9J_fzloUs_Uf6nYbOI5s0azmxoOxD3krIdCNOdQqm4Ioo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCB4mhKKWKYsajAbDH1fAPtrK5iATJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc3Mzc3MDQxMjAwNzQ3NzegAdW20uoDyAEJqQKAvcgMx7ixPqgDAaoEzQFP0HPpn3jdsPddV8-I5Rimg6v87XVgOXNoxF7gN9V9PeAY4j2uJFGXexHDWqSlk0_Na25UCJresG9BGJbPI5HAXxXvClJRyXQ5pO8kKwneH466EvURa3PnbBjPt5hNDOTcK6fZIT2Z0AHsmJIH-vzV5T2UfWP6UhlTl1SuaeI43_TnQRwgymzv4KKad23AP4yBFgsaxOUE8F-F5hD-lIKIUBnEry1J-Wlwh6JGpiXh1RKQbGFkRX0IZkLPx2XFaopV51BHBy5X00dpdd5RgAa6zOLvromRivQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37aSz8eZxryN80Fp_NyKstiiZhUA%26client%3Dca-pub-7737704120074777%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F182 2 KB
1 KB 65ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F182 308 B
636 B 52ms
51ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F182 293 B
621 B 53ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame F182 43 B
347 B 41ms
41ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Qv9Ai_RFLXz2GZmpuOTjB8qKNfmL-RiSyeqkS2ynFx8Trud8Nd9V67rXBFYTssZIIezFl3o_dh3ngJbBZhFj3x-EgwulOrbZPp1hd0KEQpWd5pTXtVJwuLefcSxqylf-cvGY-Ajll5c1Hgel4AfQPota8vPN3NuJEQHDQ0DFDcvNReVp8JE868JvsmNztINngp4mHFlHTK3fL2zZZE1nZOfHhxXC6d8WheBT29Xnq2l2NIrVSNSV7nXSVcV0HqElYtCWAKHJPAZCWz_xalH1ebEB1mWgKlY6XxKkpxyswOrWzniyQ4YqxH9oLDtsDtjmjczQ0_Uke-AovMsid7ET685HYjpQwXE4r_nEhywUDokTwnO9TweLmuLjD6qOFlxK0QEYUKkIrZB7uei0eOoOrhd36NR_0PapkWBQcqHReZGt7XuhlA8G9N0CkSFeV7UYvQ7hLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:35 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2959248
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F182 12 KB
5 KB 88ms
48ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2541693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ojMPARfD4IcjLTAMoz3Mjb6ME%2BHMQk1ShRU6TQTybquEAqeTlnZVaI9T9p%2FtCXj61swGTaCnn0CgJzlGjv3FiTgJQaBKC%2FMuGqTDG3vSGjZeTfLsfjiFmRIe%2FxRchHNOAwKrG5xbKu636FRkg9YUC6n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f87fddff819088-FRA
expires: Fri, 12 May 2023 21:03:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F182 12 KB
6 KB 51ms
51ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F182 160 KB
160 KB 252ms
158ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30618658
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163870
expires: Fri, 12 May 2023 06:14:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F182 8 KB
8 KB 133ms
38ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

beed3c7b010dd94e0d869802272cf75b8b097b162550a393c54828fa508f26d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:35 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30611858
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7698
expires: Fri, 12 May 2023 04:21:15 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F182 0
127 B 45ms
45ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5NQJu_kZ6-JVDcIR1wh5JaRugJcYYjLCoaYndMnp5Ujf8D161nC87INPLR-xXN_U59zeTzSpH7DEQ9ivQOhyyiJKWH8o1vJOHX_-UprlXr1I9kKHSRncqIWsnttTDbV586RDlXjZYApym1h_fT10O3Ktb9s-7F3gq3_V7XmFa35SyHP0VLtgVVXo4H0IdaohbCrGic5cpaNA5_d8Kgme7pESywsYxdz7qOIDoO1v4bcMWGVrt0Z4h17-_l_4j1zJpvnc9A&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 21:03:35 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F182 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F182 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 May 2023 21:03:36 GMT

GET
DATA 200
OK truncated
/ Frame 5741 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb017ca6b47e43df32055138dc707e8166a1eb42b9dd9db40cee98b93a0455f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 2A1F 2 KB
537 B 123ms
46ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 19:41:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F182 2 KB
537 B 57ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 19:53:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F182 15 KB
15 KB 112ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 554149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A1F 15 KB
15 KB 113ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 554149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
50 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94613efe04efef145250b3fd9c70ef82969f48ddaeada6f918d64cb8ecc66f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51393
x-xss-protection: 0
server: cafe
etag: 8736554328745930398
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 21:03:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 127ms
52ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f14f0c03469d8508ea3ef1a35fb9e27c01a418fadfc7a5cfb6266374042edf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10659
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 6131 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 145ms
59ms Script
application/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4311 259 KB
68 KB 481ms
480ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&adk=1812271804&adf=3025194257&lmt=1653253417&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.getnews.info%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253416999&bpp=2&bdt=2273&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_slotnames=9614642022%2C9614642022&nras=1&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2b8cd47d3328f3014507e1574595419bb25e9507ba8a618af6ae47099c881c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 69772
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 122ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FF8 13 KB
5 KB 44ms
44ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 20:20:41 GMT
expires: Mon, 22 May 2023 20:20:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 911E 783 B
1 KB 135ms
46ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f7172247f379e3f6f7b21b67411f10823a37eaf446c76d9f1185524eeb83c16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0BlvknAMEjgopHuxlxbqwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-0BlvknAMEjgopHuxlxbqwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:37 GMT
expires: Sun, 22 May 2022 21:03:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FF8 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 07:54:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 911E 0
0 102ms
101ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=358399777369114&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4FF8 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xifh_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 147 KB
52 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ebe881c35b965e72d116592794d77f7477201877e37424795ffeb7ac285c4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53590
x-xss-protection: 0
server: cafe
etag: 7042844510465554185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
59ms Script
application/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.getnews.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7846 18 KB
10 KB 572ms
572ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1d1f531341e4076743c61caa2deae6e5e461d8321f30a7caf47681a689f4101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9744
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 2A1F 0
127 B 46ms
45ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5741 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCV5aAG2LF2WReNb93ayMCiuNqCnH5HDF4cKkcjCSSj8TEx2aE_OJWqdGJUBTLjNG7ab4P8cDd3z1xAp6hEMnw&sig=Cg0ArKJSzPX_v1HZx2r6EAE&id=lidar2&mcvt=1014&p=0,0,250,300&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2264210614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653253415841&rpt=732&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame E6F8 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame C568 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.getnews.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame E6F8 4 KB
633 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 19:29:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E6F8 205 B
742 B 120ms
37ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 19:51:30 GMT
x-content-type-options: nosniff
age: 4327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 19:51:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E6F8 604 B
695 B 120ms
38ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 17:35:46 GMT
x-content-type-options: nosniff
age: 12471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 17:35:46 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame E6F8 19 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:04:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C568 4 KB
618 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8133f9ff3d5ddfa526a8a06252211430b695a31b8a02cdbaf4e538a8080610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 19:38:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C568 2 KB
904 B 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:59:44 GMT

GET
H3

200

B25164142.293005041;dc_pre=COT9w_WA9PcCFZ2Wdwod0g8Dlw;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/ Frame C568
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_pre=COT9w_WA9PcCFZ2Wdwod0g8Dlw;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdi...

43 B
64 B

132ms
56ms

Fetch
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_pre=COT9w_WA9PcCFZ2Wdwod0g8Dlw;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N46002.134426GOOGLEDISPLAYNETW3/B25164142.293005041;dc_pre=COT9w_WA9PcCFZ2Wdwod0g8Dlw;dc_trk_aid=490736954;dc_trk_cid=146963748;ord=3760257141;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C568 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJpRUKaWKYvrZA_vQ1fAPzoqouAzv4Pv0aaeCkey1DdvZHhABIJ-5lSRglYKAgJgHoAGU1u7VA8gBCagDAcgDywSqBNUBT9AIlbw5TVpFqqYcw0N1YkhOf3wPX6r7LcKI64cIbJtDTvQW9liYybBNE3-1YDZXfvjtZFahCrcljsuZpi_5a9V4QfWsLjjGOZ2wzShGJG1m-RNOj5pT96R1Pqs6Xjl-w6pg3pxGxbZ1E8ybgWl4YC0cuRb9WmCSvnPh_fyo8-_C48nL0hTZ1QvmaNfcBeRORH3K6-t2eGMdGUJVuCzu9HkXdRAf-nM9KkIZ5Z-IxByFaLCESONZynVN-trp9EELWlTRkTLfFo7VawpI3P546WfE6epawASEoeC7ugOSBQQIBBgBkgUECAUYBKAGLoAH1KmRKqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIbqHtIICQiA4YAQEAEYH4AKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NzM3NzA0MTIwMDc0Nzc3GAA&sigh=eBZd9y7E5jI&uach_m=[UACH]&template_id=484

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 21:03:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame C568 21 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:01:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C568 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:58:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C568 135 KB
41 KB 142ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C568 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:52:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C568 0
0 123ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREcDay6KR8tzplStDwEK63DDEPKO2URV1JNEjN3bBpkWkucay75Kfc3v2NQ-cri-ZalWRMRT5ffQBn7PIMrx9TWgtcOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame C568 30 KB
12 KB 119ms
47ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7681828971366111738/ Frame C568 15 KB
15 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7681828971366111738/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ce2a9005a58b8ca5bc7af63825f3050e8b697665bcdaaf8cfef5f01e2d0bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 07:25:52 GMT
x-content-type-options: nosniff
age: 308265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15633
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 05:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 May 2023 07:25:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3119 8 KB
892 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 19:29:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 21:03:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3119 2 KB
904 B 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:59:44 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3119 21 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:01:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3119 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:58:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3119 135 KB
41 KB 71ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3119 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:52:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3119 0
0 69ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa3dviaOP8u5Xz7sroGfaSzGySlSu59SHY7gLjX3z2AeHKkoo9TqxY4skciUppaUcdt_bNVnMkgbk9oqi-zoahgLoI9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 3119 30 KB
12 KB 57ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:36:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80AF 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 23 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 49AB 1 KB
749 B 37ms
37ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 23 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 80AF 35 B
463 B 124ms
41ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDETJRiTUtjZn1wHaENUNlc&google_cver=1&google_push=AYg5qPLUUblrywCSRlNweWodiIeG2F-Oxv642UDauH5asLJY2RN7rlX1amOaj_SgtpCxayCg_1yeJNkjgSN0jSrv9Gafg8PD3cc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80AF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECG_rkL5lSM3hlyOxSvEDwY&google_cver=1&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM&google_hm=Q0FFU0VDR19ya0w1bFNNM2...

170 B
188 B

71ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKvHiAiEaqQQ73hWXwICWtzqlvVeb6XaHKFGzjGHsqUofr93PfzovooDnuns_V8z45n2925fSl4ITmzsAWO0yseVPN8ZkM&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 80AF 42 B
189 B 140ms
47ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI3f0ZqIL0J6ieGRfi5tOla3qBP72Ug_Ow_WmfAz32eBQx4qOcuua4JyF9NS8veCcdy0A_x4ikNPLZEVmvyUSW0THjQNCI&google_gid=CAESEPAcnu9c2RwhHNs26sXO42Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 dds
rtb.openx.net/sync/ Frame 80AF 43 B
135 B 152ms
55ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG49bdIEXgoR-vyALwD4cAY&google_cver=1&google_push=AYg5qPIlVtsjVIotMk6PLMWqVUnMXmlMV189TBP_izToo6AjnKBCtYjYydQF65Sa_0abkwCMvhIIHtU_bJer5paS2ZNODrRccIc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 10pc6h11a45kjfdk683mef2be6lcndqa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2h...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESTEtSy1MNklE&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2hqHJ4jX-6Nj8UIDIqnB7myXSk

170 B
188 B

123ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESTEtSy1MNklE&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2hqHJ4jX-6Nj8UIDIqnB7myXSk

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESTEtSy1MNklE&google_push=AYg5qPJk0wCEl6wZpxLNxgrJNTcb0XdeW4SZBK68r-H1ZovXnpZ9Jm5awixYCjCIMP_Bl0jeT2hqHJ4jX-6Nj8UIDIqnB7myXSk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5Gvqk...

170 B
188 B

46ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5GvqkfjAasjPbQaKkxYYySP2QOYGyg1t2IPbAWQka_6o-jEQGBSU49vsa7AoMXriSQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPIefSl5KlXtz_nlZ-3sbvBYE7Pj5GvqkfjAasjPbQaKkxYYySP2QOYGyg1t2IPbAWQka_6o-jEQGBSU49vsa7AoMXriSQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Sun, 22 May 2022 21:03:38 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 80AF 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 80AF 0
232 B 134ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J88xGtI1oWEBCGxkvIsFpK5rMoc2B1dxvD75CjCM3Kd14cL-bueT2031Mu3OZ9Cy2VBzZYNQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 49AB 35 B
462 B 95ms
41ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDETJRiTUtjZn1wHaENUNlc&google_cver=1&google_push=AYg5qPK3A0qOSV9kOKCljGpB1ek_FhQL6QzzD60d9GaTsYY9k_FMI-9GRCvb3Q32L0_xUGQ6jQRau0gAEILvKgjrh5BpmJ1bzso

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49AB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECG_rkL5lSM3hlyOxSvEDwY&google_cver=1&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ&google_hm=Q0FFU0VDR19ya0w1bFNNM2...

170 B
188 B

69ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKLvL9EBb1Ef3nRtPYcCJs7ieGucwSWk8oSY21gy57w0S8BB0d5MLUHw6-g2phOJzcE5WGR9bpINn8HgWzx32PmhiNENPQ&google_hm=Q0FFU0VDR19ya0w1bFNNM2hseU94U3ZFRHdZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49AB
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL5FGuk7SytzFNCaT_KTgv2__Cq8QuBedXCueQIYHwwK2EKMqt2j3-si4rxvVUqXztMYzcobLK7Ro_oVyFqb2er10lC72w&google_gid=CAESEPAcnu9c2RwhHNs26sXO42Q&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKnKqpQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBMNUZHdWs3U3l0ekZOQ2FUX0tUZ3YyX19DcThRdUJlZFhDdWVRSVlId3dLMkVLTXF0MmozLXNpNHJ4dlZVcVh6dE1ZemNvYkxLN1JvX29WeU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWHpGWTByZV9DR2JzYnRSbEtDMkpnazBUbGIwZ1RIODA4YzZNUUNVajZNVQ==&google_push

170 B
188 B

64ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWHpGWTByZV9DR2JzYnRSbEtDMkpnazBUbGIwZ1RIODA4YzZNUUNVajZNVQ==&google_push

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 May 2022 21:03:38 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwWHpGWTByZV9DR2JzYnRSbEtDMkpnazBUbGIwZ1RIODA4YzZNUUNVajZNVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 49AB 43 B
350 B 121ms
54ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG49bdIEXgoR-vyALwD4cAY&google_cver=1&google_push=AYg5qPJeq3oRBJ7RU3pSkQOF2GnFoj2Mk4JobmIOkPih0ElBStA9pZElDgkdAfy3wdOlyFpgRwzItwH7jzYHMCZWsrdFmiotTIc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p9fl05975gs1iqacbu7outbd0vie1km4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49AB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-Z_TwzVGTfyxdJAAgGj_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-Z_TwzVGTfyxdJAAgGj_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKYwbOCx2G_rTyoqzXeOTMXOk2iODYP74cqFLVVeu4m2WINL6LzubFedBVJbA6fDaoWv9Z81-S3HV4LOxgS67iahvYRp6M

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-Z_TwzVGTfyxdJAAgGj_2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKYwbOCx2G_rTyoqzXeOTMXOk2iODYP74cqFLVVeu4m2WINL6LzubFedBVJbA6fDaoWv9Z81-S3HV4LOxgS67iahvYRp6M
date: Sun, 22 May 2022 21:03:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49AB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESU0tMVQtOTJFUg==&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3wYI1EWfclLrrURK00R9cTMOI

170 B
188 B

124ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESU0tMVQtOTJFUg==&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3wYI1EWfclLrrURK00R9cTMOI

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VESU0tMVQtOTJFUg==&google_push=AYg5qPJNDeosPdJDwmGAy7pttGPoGBz64fidny6xNtEzI-mz7ectt55vbe3bXybRyrRtcSM5EO3wYI1EWfclLrrURK00R9cTMOI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49AB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKs323CAfypJri0q8IAAABGcAAAIB&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWc...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKs323CAfypJri0q8IAAABGcAAAIB&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWcuLOk_xYw&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKs323CAfypJri0q8IAAABGcAAAIB&google_push=AYg5qPKKUJ3G_Z89988Ld2e7r4UaWQTqxviHSOvaeUbbs3mmIrXloeO6sCdbdPmEJI_Mno2r46UKB38p2kB7ocsyWcuLOk_xYw&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Sun, 22 May 2022 21:03:38 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 49AB 0
40 B 106ms
46ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpA3alBtyvreEaSHDcWCQwULoKobsvp0r0glsWNQ2j5JV1KuqhJMvlALy9vFk5oEN3mJWT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C568 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beee1ec326e80f61d260a90b60c085d8074113165a1b19ab80417468a256d6a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame CA9B 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 07:54:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=358399777369114&bg=!iYqlis7NAAZ4vKt9WLw7ACkAdvg8Wo50qtZmXvf9Qqyxb50gLJbu6wuDjA9VTFQnA7MhhVq3vuqnMgIAAABQUgAAAAFoAQcKACQSb1ok2SXDJs0-A8ODocHleSa_HIRAG43n0cG7vW8aqTBZUgmZAqbkfTVO2GCH3wa7MXjLv-QjUK1pRhGKiscEJXStcEPM8rSXtfgcsoxVAoU3YMmnyKgzB-xH_o2HNVel-et22mz-VvVHiOXuz-IaIdanHUNBt9kYGVwuKOTViYnDuk6QqZXMzmr3afEnj_8L9LCBW5GNb8m8UaSADun1gLcM0IOoDc7harxvzQOMa66QZXqskgd1vJcCrFM9_KDXbAhflXeXG8bR889iGLfjT33Fd1w1fOFlnaOQSJLrSKz8QQw_3vEA0szLM7oxsd1_cmKoKMepc46HCQyTj1oyktnDeDStTddn9N9AOWj9O_jjZ38eFkJJblVMmLPVs2d4Sz3h9tEmS_H_ixmweAdSY2Op7CyX_Rusw3NW6Mlwr5uPfOTn9x_RwgHUdN-xQtuiPI76n-nNODI4325GZlMXewrQunSzdtzKEXdnU4EfzUheGUXUJFJLeo4-rZ5tHsLaZ6sNO2RSGKyALBCpN2ot90h4x-99_swEFCoagA1LyFr8bHvQmDW3o0wFWbPZD-lEU37zgTnKHX7q-a2jn0mFtk8ICAQ8w1vcCOvWECnP1epLOzis7DrZgJ428zgIBpYEBi0mj5HBmwyPAS6Tjt4UqNiIMfhV8qhIdBYzZHe5BpfAb9PFDcAP6uRGry7Bs4vCe0O129FdHogUPslgNQ_cwjatuk5W_BrPIZ8MgTdCYnfY_vlJmM7i_N_sjzI3UyKvixC2fmbRE1NkLeu2lJwDB_uJP-4b9oj_ejCtoHaydPtPa_JnhHRAt9z6LZAjpdqVzRY4fJTL5GkNrqK-TyaEA96IvAm46UBQb5enrVnFvWnqFZhYIs-v5bpLMnzf7NSa-jJWfOCsQw2QaJEKG7fHtUyjusaLwKgSc_tOXHA5k4TIZX1unInWQlAK6VE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.getnews.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame ACBE 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: www.getnews.info
URL: https://www.getnews.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 07:54:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2A1F 160 KB
160 KB 39ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:37 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30618657
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163870
expires: Fri, 12 May 2023 06:14:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7846 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpYkeB-5XSKZOiKQGDVzrz29MpEme9n3vnfUou0HsvkoRebE6J0y6qp2JDoASODfieLlNeYAOqC2wkZi5-iiWff8BSG3I2BYQN5egxlzaxFnrCNzg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7846 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:58:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7846 135 KB
41 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 21:03:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7846 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 20:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 20:52:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7846 0
0 45ms
45ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSJ0dElPPPdMdVQNCHyRP4IzPU5-Jx6dm_HTp06lpfc2wy7n9xXEnf3y1ol9rCt80fgVGZ3dRFK4FyfpcPPHNcuGJrug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 71BB 624 B
297 B 50ms
49ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYnuadygEwAQ&v=APEucNVQkaCeRe56P8Kwr-kYzvK_uBs8qfIT7CD6CH5M7ae2ckzYOKxFNOifhJ9jXPgU1Cd4MyB0muIKJJfuWKmLohSssLOdjZgYg02eEQj1PAzmar80jAyxUfz3KNz1OroUhDAY7H8IFJSe8_nM0Y7CyTx2KoClZTzwG5ich3VkfGOPY9BLBvg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 21:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7846 60 KB
30 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0CxMZTp84-w9CrDUrSJ8eXz8TmaWXxgWkD-uuTLzFPmjNMwXfmlOjELZIHODgrh8t855sXNo2h6ir5KKNxgqyvft2ykEgvMVLpavuIB9NX1-HGIysdCzYC67SX6PlUmpGUR66rvZrPBVlLKxNGXoljgpL2Q&dbm_d=AKAmf-DMWqju0EgIgFpFwX9scz0L5XcVWBd9I3TkriaQg8sIBvbLWiocpes3JbbJNYPGbWopYuS3gxT27JsL3NZOewln5A92-nwf6mWizRc88k7QsL_UxWDlJu_2mvj2it5cQh7_i0Z-EAjlsqyBmgy7bcS88fnYXvp8s3Vw4hYV8HdG4vDc5JR_t1pH8rnwnL-scft20utFzahrIVHns5PswopmXaVvO5-_KoVLlQ41jeBhagRctTyoyj2YwzqV2_HI8uJfbKl3gbNq8eTa2Op4SNfJrXbrz42i2EznbRUGW9dUXksyyD6IRz9qC_8nb9xsI9kDhuLYuAVgKSfmL4hzfB1F_iKmt4yFqMmApYejX6TbcGZX6UKcB33NZqM5VmU9rLN6QPc2Nw_2GSmprGnC6joO5R8QGxw-VQNtrFpi568h0nHOata8pR4onvQ-Jv6xTpekD2hIKGeOOSDztzRJbEfl_2y5sOeovlGCBAw0U5H2Df6u3FpfD-cyz8K1QkUHIM7pXk3T_w0NwKnL2P_lDB664TSuWY_3LGjzh5L1H8VHNqRCbTJF_rnOGm1KRavwcix3NSjFYvfoglU1UZZksonzk9y_SLEzLP3tCRmQy4gODHzr6wjSZOWXS2vrDiMlzJo-Ec4w6qfgl_qAJT8NKWNqpSJEhGu8x3uFKOdQEYTYy8PDQzxzosHhoiLVwzIz6DvyjkHGnHChhUN9xyRubZT6h13XyFT3LtDfKbqHR3V4o476qcSElt76lwlIvoFePb2H2ljiYO7PcKA3jumOegcnUwfm9lCXJ4ivvHu_xXm4h-NesRE0fWiih0-N0Kf7yAWt3V8E7AR2anFgVUzDqadYz3bJpwhTy0zQyG3u_8yG0zz3dpkYF0CJ6MNJSwHMr0VY75KQ9evlvCc0I_P1H8wCWCAcX41LV7aEExOjUCmnzV0LTJYQlbX_rg1k7c4kH54yOa56wgh8lO0mf-ngt9jkIqYuSoN3KcgHleO-Tn1_97f6WvhDHbwuKlJZ7f9J7GISGTrwUd6aUe83fdW1VPXN6yabg8kpfrRO1qVgVMDsrpwr9Gt-3pf5Zc5ticlhdrAKwMp2bCrv9-GuQt2xOrqU-L_LK8yI654xOM7a41q7jhAiZ_J0_KJK1V9Agj2XDuz-uFwrtuZBFLemxw8-dVUSuo-qS_3aebVtAS3Ih3jau_XzIO0eSqsRlbotWFaMAbgX1ZracZEvWCPcXDCfx941ax7l3RkXVGmYm0RIujOE0LVjX2LLORNvANjlQEa8DhPToXoplq8oDVn1Tptj-w7xW8oLyIluvrxMQWZAbx_JarAo8G4demzvuohGZ731YVjhwlntrpxixaO2yjkoiNGxRB6SO6UFq0559JoneUmgz310tBWNbJmBZapmiWyJPrz70fPY4iMkuAFm6Jr2LUqgFuAGxxnWfKRi4wzBMEBLsv9ELE404Igysl1jVDz_2HW34X7PXTusDczPNX_Mpr6511aH32Na7ENFVTrjy8--h5u0VUtS5-Ox_mNpfQEMFtGz0Hn6ZeVwdk5bvAONbX49czOlcFPxKGx0lsjJ0TjUz8a2TlJSx7Q_7Wq_cQoeWJ6aRag2ECyizxOjGZ5y3Bj-ykKXmEmyr3SyPOArDng5crkI_Nzo91hfN48F3FLd3dzkzqRc2UwANkC4BRZp9BjDw08Rx8ier2wcx7oO2o-yiF7AK857E5j6pHKMeZNsUckBe5pWntTpSsjDBditwhYB3QaSsJnD-QKSF2bmeabudhV7Vh0XNjPE9qAsJb_JKBreAvUSOC8oGA8Flp6cfMYukC9XCVBqZnkPDvdDygQ7ZZAW23YqZePt2D3n-Zfe1Jlk7hjfCehpBi6BsspoqqTC4esqPR9FsixgWaQDrcIku7Qg_XYbGQovLHaMYUoUH0n-nrLdopi6c9w9JRVD-K7c3TmOydu0YCE9TluPm9aLZ_sUJrPE4tHsQn395pn9EOtISnKKEUfCas5YXOninB2ir39nIEAGzn2pFZS1TFbqDJVtnThIrphl7Xb18FD1kDEHJ2CdcgpU5U0Z-9mWfybr4sSkIka0s34CbFRtinXn_6nBNeniv-bHt0eHfaXQ6NcrQORWllBCNIKtM9g1DkR-zORnv3I8iiKOWLVMb4BouCUxNyOQ-bSKu9FI-zOY6-qTAu1FjQz82XBI8nR6x6uiCqLGx2uu3vMxkrW6sQb_csUD7GBHtskAOBlv6fG_bz5Fz2mCohComRD2yJHMY9hFymtQnT__O3U7UFQttcHgEZXR5poayVZHoFwlZD011Datzog-oESslWX-0lbdAzTRyIFjwtPbyKycAlxl9Xi3gXTZrMSkeNViJ2f920aGWD2-r71SrudxpMtEP_8dSOvRNufP1XNIVk2HvrhGeexnN0Fsx9SlFE3KrZnwH04SgKrCNlYVNVnhNiaatIPt7YvlbWMNUfBwDu4j7BMlgEZGdpMKKzubrv-BTnECHDUwUwPciU8WkIjXXP52MPKwBbS-U0skoL8Ig0087wKj9-UZRKqL6S6KXdXVH7MIhLLFB14y052N87MsB_gBI00fmT55mpwZE3d6Iy2gSNm8pcj9KU5IoKwGU0xtgvNui-id5EDdZYR-VX3RCEBOl9XbuFN36Lc66cAE8aAPVJjkltzP7UGy-zTYxDJ5ERQPJWLJZnlszJu0GbczmSs1KzAy90dDk_dTIRwT45bleJvWoZg0sMUNLn0t-aSJySj4grZvxTEiENL4gREpMuFoyaJCDf4b4qT1aPQ-TtWPWD78rRN-qvE4-J6XSQg7yIKTwojAMkRTkvs7DxTbKHuEYKddXLhdgCqqrRph_k-fsbzQO2AWxh7vwBo12fTmlbzAPouPHxXXaUJGMpKHn2pRGo4acx0eRFoWONAZlvu_6FVzFpCx2L2IisigOwRyaf8wDOzwzaQy75jBAxxEtGoLiABl2WDNcp4FCeXt8hzGbq3JHghSfd2fA0bWB8bzkHCaz69E2H-xcu7FWGyLJMCnECkSNDbH9ooKWJBoMvIr0qXSl18J19dG2JMKqCgeGvckp7Ekf0cP_EsFUnbHOFq70JEWf7l2vEH1XA&cid=CAASJeRo3Mcf47W32b4Eci2CjnoU-BT2T2oaG4lxV5N8noisq2OS8RA&rfl=1%2Chttps%253A%252F%252Fwww.getnews.info%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

382889d5c2f97354c3426d5005771033b17c30653d7fed2ea633f78fd2ddb66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 71BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1

43 B
894 B

204ms
64ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYnuadygEwAQ&v=APEucNVQkaCeRe56P8Kwr-kYzvK_uBs8qfIT7CD6CH5M7ae2ckzYOKxFNOifhJ9jXPgU1Cd4MyB0muIKJJfuWKmLohSssLOdjZgYg02eEQj1PAzmar80jAyxUfz3KNz1OroUhDAY7H8IFJSe8_nM0Y7CyTx2KoClZTzwG5ich3VkfGOPY9BLBvg
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 22 May 2022 21:03:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 71BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoqlKgbGi4n9vAKIMtj4iwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1

43 B
894 B

64ms
64ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYnuadygEwAQ&v=APEucNVQkaCeRe56P8Kwr-kYzvK_uBs8qfIT7CD6CH5M7ae2ckzYOKxFNOifhJ9jXPgU1Cd4MyB0muIKJJfuWKmLohSssLOdjZgYg02eEQj1PAzmar80jAyxUfz3KNz1OroUhDAY7H8IFJSe8_nM0Y7CyTx2KoClZTzwG5ich3VkfGOPY9BLBvg
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 22 May 2022 21:03:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKiwB7Yau4Ju1O5sXqmgVjU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 71BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEapHNSfafhFFiBWB8dIHHI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEapHNSfafhFFiBWB8dIHHI%26google_cver%3D1

43 B
1 KB

48ms
48ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEapHNSfafhFFiBWB8dIHHI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjl5QIQs8-r8AEYnuadygEwAQ&v=APEucNVQkaCeRe56P8Kwr-kYzvK_uBs8qfIT7CD6CH5M7ae2ckzYOKxFNOifhJ9jXPgU1Cd4MyB0muIKJJfuWKmLohSssLOdjZgYg02eEQj1PAzmar80jAyxUfz3KNz1OroUhDAY7H8IFJSe8_nM0Y7CyTx2KoClZTzwG5ich3VkfGOPY9BLBvg

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2f23ce32-7ae8-4406-b738-fbfded0aaf6f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 288d7a5d-0fa8-4656-bbac-26099dc56012
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEapHNSfafhFFiBWB8dIHHI%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 71BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTQ0MDUyNTExODI4NzQy

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTQ0MDUyNTExODI4NzQy

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9138bc45-90e2-4a15-ac14-847257aef9fe
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAzOTQ0MDUyNTExODI4NzQy
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 7846 27 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0CxMZTp84-w9CrDUrSJ8eXz8TmaWXxgWkD-uuTLzFPmjNMwXfmlOjELZIHODgrh8t855sXNo2h6ir5KKNxgqyvft2ykEgvMVLpavuIB9NX1-HGIysdCzYC67SX6PlUmpGUR66rvZrPBVlLKxNGXoljgpL2Q&dbm_d=AKAmf-DMWqju0EgIgFpFwX9scz0L5XcVWBd9I3TkriaQg8sIBvbLWiocpes3JbbJNYPGbWopYuS3gxT27JsL3NZOewln5A92-nwf6mWizRc88k7QsL_UxWDlJu_2mvj2it5cQh7_i0Z-EAjlsqyBmgy7bcS88fnYXvp8s3Vw4hYV8HdG4vDc5JR_t1pH8rnwnL-scft20utFzahrIVHns5PswopmXaVvO5-_KoVLlQ41jeBhagRctTyoyj2YwzqV2_HI8uJfbKl3gbNq8eTa2Op4SNfJrXbrz42i2EznbRUGW9dUXksyyD6IRz9qC_8nb9xsI9kDhuLYuAVgKSfmL4hzfB1F_iKmt4yFqMmApYejX6TbcGZX6UKcB33NZqM5VmU9rLN6QPc2Nw_2GSmprGnC6joO5R8QGxw-VQNtrFpi568h0nHOata8pR4onvQ-Jv6xTpekD2hIKGeOOSDztzRJbEfl_2y5sOeovlGCBAw0U5H2Df6u3FpfD-cyz8K1QkUHIM7pXk3T_w0NwKnL2P_lDB664TSuWY_3LGjzh5L1H8VHNqRCbTJF_rnOGm1KRavwcix3NSjFYvfoglU1UZZksonzk9y_SLEzLP3tCRmQy4gODHzr6wjSZOWXS2vrDiMlzJo-Ec4w6qfgl_qAJT8NKWNqpSJEhGu8x3uFKOdQEYTYy8PDQzxzosHhoiLVwzIz6DvyjkHGnHChhUN9xyRubZT6h13XyFT3LtDfKbqHR3V4o476qcSElt76lwlIvoFePb2H2ljiYO7PcKA3jumOegcnUwfm9lCXJ4ivvHu_xXm4h-NesRE0fWiih0-N0Kf7yAWt3V8E7AR2anFgVUzDqadYz3bJpwhTy0zQyG3u_8yG0zz3dpkYF0CJ6MNJSwHMr0VY75KQ9evlvCc0I_P1H8wCWCAcX41LV7aEExOjUCmnzV0LTJYQlbX_rg1k7c4kH54yOa56wgh8lO0mf-ngt9jkIqYuSoN3KcgHleO-Tn1_97f6WvhDHbwuKlJZ7f9J7GISGTrwUd6aUe83fdW1VPXN6yabg8kpfrRO1qVgVMDsrpwr9Gt-3pf5Zc5ticlhdrAKwMp2bCrv9-GuQt2xOrqU-L_LK8yI654xOM7a41q7jhAiZ_J0_KJK1V9Agj2XDuz-uFwrtuZBFLemxw8-dVUSuo-qS_3aebVtAS3Ih3jau_XzIO0eSqsRlbotWFaMAbgX1ZracZEvWCPcXDCfx941ax7l3RkXVGmYm0RIujOE0LVjX2LLORNvANjlQEa8DhPToXoplq8oDVn1Tptj-w7xW8oLyIluvrxMQWZAbx_JarAo8G4demzvuohGZ731YVjhwlntrpxixaO2yjkoiNGxRB6SO6UFq0559JoneUmgz310tBWNbJmBZapmiWyJPrz70fPY4iMkuAFm6Jr2LUqgFuAGxxnWfKRi4wzBMEBLsv9ELE404Igysl1jVDz_2HW34X7PXTusDczPNX_Mpr6511aH32Na7ENFVTrjy8--h5u0VUtS5-Ox_mNpfQEMFtGz0Hn6ZeVwdk5bvAONbX49czOlcFPxKGx0lsjJ0TjUz8a2TlJSx7Q_7Wq_cQoeWJ6aRag2ECyizxOjGZ5y3Bj-ykKXmEmyr3SyPOArDng5crkI_Nzo91hfN48F3FLd3dzkzqRc2UwANkC4BRZp9BjDw08Rx8ier2wcx7oO2o-yiF7AK857E5j6pHKMeZNsUckBe5pWntTpSsjDBditwhYB3QaSsJnD-QKSF2bmeabudhV7Vh0XNjPE9qAsJb_JKBreAvUSOC8oGA8Flp6cfMYukC9XCVBqZnkPDvdDygQ7ZZAW23YqZePt2D3n-Zfe1Jlk7hjfCehpBi6BsspoqqTC4esqPR9FsixgWaQDrcIku7Qg_XYbGQovLHaMYUoUH0n-nrLdopi6c9w9JRVD-K7c3TmOydu0YCE9TluPm9aLZ_sUJrPE4tHsQn395pn9EOtISnKKEUfCas5YXOninB2ir39nIEAGzn2pFZS1TFbqDJVtnThIrphl7Xb18FD1kDEHJ2CdcgpU5U0Z-9mWfybr4sSkIka0s34CbFRtinXn_6nBNeniv-bHt0eHfaXQ6NcrQORWllBCNIKtM9g1DkR-zORnv3I8iiKOWLVMb4BouCUxNyOQ-bSKu9FI-zOY6-qTAu1FjQz82XBI8nR6x6uiCqLGx2uu3vMxkrW6sQb_csUD7GBHtskAOBlv6fG_bz5Fz2mCohComRD2yJHMY9hFymtQnT__O3U7UFQttcHgEZXR5poayVZHoFwlZD011Datzog-oESslWX-0lbdAzTRyIFjwtPbyKycAlxl9Xi3gXTZrMSkeNViJ2f920aGWD2-r71SrudxpMtEP_8dSOvRNufP1XNIVk2HvrhGeexnN0Fsx9SlFE3KrZnwH04SgKrCNlYVNVnhNiaatIPt7YvlbWMNUfBwDu4j7BMlgEZGdpMKKzubrv-BTnECHDUwUwPciU8WkIjXXP52MPKwBbS-U0skoL8Ig0087wKj9-UZRKqL6S6KXdXVH7MIhLLFB14y052N87MsB_gBI00fmT55mpwZE3d6Iy2gSNm8pcj9KU5IoKwGU0xtgvNui-id5EDdZYR-VX3RCEBOl9XbuFN36Lc66cAE8aAPVJjkltzP7UGy-zTYxDJ5ERQPJWLJZnlszJu0GbczmSs1KzAy90dDk_dTIRwT45bleJvWoZg0sMUNLn0t-aSJySj4grZvxTEiENL4gREpMuFoyaJCDf4b4qT1aPQ-TtWPWD78rRN-qvE4-J6XSQg7yIKTwojAMkRTkvs7DxTbKHuEYKddXLhdgCqqrRph_k-fsbzQO2AWxh7vwBo12fTmlbzAPouPHxXXaUJGMpKHn2pRGo4acx0eRFoWONAZlvu_6FVzFpCx2L2IisigOwRyaf8wDOzwzaQy75jBAxxEtGoLiABl2WDNcp4FCeXt8hzGbq3JHghSfd2fA0bWB8bzkHCaz69E2H-xcu7FWGyLJMCnECkSNDbH9ooKWJBoMvIr0qXSl18J19dG2JMKqCgeGvckp7Ekf0cP_EsFUnbHOFq70JEWf7l2vEH1XA&cid=CAASJeRo3Mcf47W32b4Eci2CjnoU-BT2T2oaG4lxV5N8noisq2OS8RA&rfl=1%2Chttps%253A%252F%252Fwww.getnews.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:02:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 7846 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 21:03:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7846 0
622 B 171ms
83ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_KGrW6Y5FYapLqkYN6sLYJYRKfFt233QolF9AcuLAWstpMJdwSPM-DyGsEYXMmpRooqusN-zsk9-YWgTdc7qKUZHMICQoSOH-Ib_J1Ncnkw60Quvr9S2B7T_2TnbR1eWmBPxMIXmbQtiz1gducWm1yp_vu5llGOjC1HSTxZiWm13gJDuPpZd_9UrfVPed7IO0MwsiZl3cfqaOAjiwSGHaw2C2Fi_-SJPFb4Wmd67NBbIRhLkB5FqXMU2Am_6EBTudBiRw_tks593TlBH3o1waj6jTbtMIDh56DpsC5bOzxuLz5YD3upYlqIL5Nj9G-jFTZ2DpfnCLavTyi8R7GBEhWgDK3hgc9FFQspqB5gn_HYz9wM0gCpE5_knum3Hvao-i0AZdGGO40ZGzjJXryfT1u20nfOUpNBbitV-8_hwXhZhmoHZqirMtBEUdjCbnUNjtiJvqRYuEqyQpoEhI8v1P1d9tXHeBTb5038XxDQJHgm-gLNMtyEJBVe_1vie2uW7bDF6QzQ-e2n9MF4Fr86vLtyXcFloUxj29EXtD9NJJYqMdE0aBazWIDn_9q_myNNUouNbSwYAL7ZFmxs3UC1N1vwdz9Y8zxTlqbW_j7qJNXuguCGR1MBSeDYtnE4w9GBE5Xoa_wkZ2Gmd_wUlQ4753qIFtUm7TchjzyYTP0B6D5BWbLkIeFwyRJaL7zkZAXvaE1aAkfz3ZXZHK53JhCyHdr5AJhy_aPd1-tvbcfCj7rsh7oiT3Z_tJ66UsVGasjt3GoWEFO5Qun7wEhgEPUFzr5Mavd0tRLhHH-meQ4oI_dnHsTYeRRl0PW-upaZY0JYQB3m3QnlkQPRMOO3ESs_XdtqIqBirsceuryDDd--9ZPDcH8i1QDoUlrvx39Th3VH17BijBkdV41fAjNy4uGQgcxqBcka1qVWXAWGHSYyFYNC_dYRym5mDTg_zRkw7UsYkoBIQYVw27crfnT9RrCaUulmmxMW9bp8t6BIw4b47g3WVsksrMNe4Gy4AhTv2IL0PvHii0LFJxO_MZYwYvvUCxQnRpalLCOCbhod9Tk2JAhK6fXKEb9QB4jPNIsw0n4Ua8ugUttnSqtW6yA18FV7Dh4_Zgr0lvmW3eaF15DK0g3D1Ez5BTiazrENCafpoljNlo9M8Lsv6XG2LS7NphoDGQfgo60mc0GkGLuwLqBGJ9wcxIsdmdROG_N_aZXS5hBf7WbokRNTwPC_mE&sai=AMfl-YQfhxHudIcshEmJwv2Do_XqbEYiiv-Qc9foB7jzOIrG74bhy-FkpUtaIJCMSr9yZe0_gwOXIqt2xFbhW8qBEfKmYfEtLtWgc8HEZfP_wI2v2bqWsNMvPwhgqU48kdLVDaarvzObvkGclLg936NHzalET3Pqs0rKBPODRkjhIPkXfpI_dBrSrUllfmTrRjA6MSgGLt8ZOzlcQDfnFiwYpKdEnzYLUCbWjpiLQROVK3m1lgBvwQ&sig=Cg0ArKJSzNlU3AUGlA0XEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220518.70644&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 22 May 2022 21:03:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7846 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H2 200 15904951894310459089
s0.2mdn.net/simgad/ Frame 7846 57 KB
57 KB 120ms
38ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15904951894310459089

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b4e2a512890cef60615db24416e171ae582aab74f0f589c1fd783064bbb1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:53:20 GMT
x-content-type-options: nosniff
age: 562218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57924
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 09:50:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 08:53:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4863 1 KB
749 B 37ms
36ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 23 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7846 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31770ca4ef4c5099b03c37b5a107cbdd6cbff1fbd6e5194ad39c2173b15041df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B3A 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 378905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDETJRiTUtjZn1wHaENUNlc&google_cver=1&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU3vNiMd4aIDPUNXzd1rBqNBKxP0Z44Je5b7BObRXg&google_hm=oriRQXldlQR34t...

170 B
188 B

47ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU3vNiMd4aIDPUNXzd1rBqNBKxP0Z44Je5b7BObRXg&google_hm=oriRQXldlQR34tsxYjPbtg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJJDyN7vYFmZNhwaJMJKusNPTVXY_m3R9qYXiBFOLsgUkYhkvbviU3vNiMd4aIDPUNXzd1rBqNBKxP0Z44Je5b7BObRXg&google_hm=oriRQXldlQR34tsxYjPbtg
pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqH...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9xbEtnQUFCVTVFYUVLVQ&google_push=AYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqHVkwC70kLFJzV-TK4GHFK_j7wNLWK5bKGqomtA3s_KIzffiT4vmVlIKrE

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9xbEtnQUFCVTVFYUVLVQ&google_push=AYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqHVkwC70kLFJzV-TK4GHFK_j7wNLWK5bKGqomtA3s_KIzffiT4vmVlIKrE

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9xbEtnQUFCVTVFYUVLVQ&google_push=AYg5qPK3WcUqDodSDrnQI0d6-XKNGQr_Egu60H3YZqHVkwC70kLFJzV-TK4GHFK_j7wNLWK5bKGqomtA3s_KIzffiT4vmVlIKrE
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 4863 42 B
60 B 47ms
46ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKS_8n3UzL3Jt3uB1pkrmj4WdnUrSh8a4F6Tmzdr0zgujagQzL6U2BeGLZd0IBl8_XbunVHecNlTRLPBJ-vpDtKYNS3g4E&google_gid=CAESEPAcnu9c2RwhHNs26sXO42Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:38 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 4863 43 B
64 B 92ms
53ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG49bdIEXgoR-vyALwD4cAY&google_cver=1&google_push=AYg5qPKKnZC-roj76k-lTACe6FswvUYPta2PE_auZeWZQZ9FBjKjbwbWYrUKtBhxhNS9u6ASR39Mo0cAuZ3FtLgk7PkgvULb0g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7737704120074777&output=html&h=280&adk=4263423142&adf=1426518256&pi=t.aa~a.4134018108~rp.4&w=338&fwrn=4&fwrnh=100&lmt=1653253417&rafmt=1&to=qs&pwprc=7694231566&psa=1&format=338x280&url=https%3A%2F%2Fwww.getnews.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653253417560&bpp=2&bdt=2835&idt=2&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5acf7c4ee3787d0-22b943099bcd00cf%3AT%3D1653253416%3ART%3D1653253416%3AS%3DALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ&prev_fmts=0x0&prev_slotnames=9614642022%2C9614642022&nras=2&correlator=4182628816803&frm=20&pv=1&ga_vid=1890701765.1653253416&ga_sid=1653253416&ga_hid=1062218742&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=932&ady=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067544%2C31062931&oid=2&psts=AGkb-H-ZfmnL4Dd_AYtVBufL-kP_UlD-odl3bGEEO1YZBR2Gf1Y49o4N2j_2ScdrVR57ysKfyNoLAUmoD1_OnA%2CAGkb-H9NFthUxaupzP5WsXG5cLexa6JQArR9CpjzJcE0zEcR1aLayhhmL-4a2BpBfe_6kCMA9mBEiZ_d82040g&pvsid=358399777369114&pem=458&tmod=1807460585&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=rRso9a1x8n&p=https%3A//www.getnews.info&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: c3lpmo1ob551ikbugpdlrf96f1o8gnt6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufQCfb3rSoabxK1RyuqbvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufQCfb3rSoabxK1RyuqbvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKONnjJdby2GYHaNyrEIIjyZ8tza6HzuWB96uF7ueqVMqgqPk6CD_vpBPxmm11w7cWyJYvsIpysu_joB5IOfpuq3O3mRA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ufQCfb3rSoabxK1RyuqbvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKONnjJdby2GYHaNyrEIIjyZ8tza6HzuWB96uF7ueqVMqgqPk6CD_vpBPxmm11w7cWyJYvsIpysu_joB5IOfpuq3O3mRA
date: Sun, 22 May 2022 21:03:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOpPNynUMcCmFTzyuW_Jce4&google_cver=1&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VEVFUtMVQtNFQ4NQ==&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQYV4WJ7OoHHug9m7hAl0fApsw

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VEVFUtMVQtNFQ4NQ==&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQYV4WJ7OoHHug9m7hAl0fApsw

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNIU0VEVFUtMVQtNFQ4NQ==&google_push=AYg5qPKJXqZm2Xyutxv7UWqqpWVRAvMl_TcrRpvj615HLWtMbMskmef6rcJg4iLZCD3qf5GPxwQYV4WJ7OoHHug9m7hAl0fApsw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4863
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPKcRgoW_PKAQE1eG38PfrJIOopt25gfr...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPKcRgoW_PKAQE1eG38PfrJIOopt25gfriPKdckGiYjx4ICDaf6AkCdXXYqLfFd-FLu-PFfrutyHfcHzABDu2pWpgv-0sdg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 21:03:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoqlKgbGi4n9vAKIMtj4iwAABLoAAAAB&google_cver=1&google_gid=CAESECpMoOsrbiPy4XgkyVZxe3c&google_push=AYg5qPKcRgoW_PKAQE1eG38PfrJIOopt25gfriPKdckGiYjx4ICDaf6AkCdXXYqLfFd-FLu-PFfrutyHfcHzABDu2pWpgv-0sdg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sun, 22 May 2022 21:03:38 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4863 0
12 B 45ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-q9o6IlVTxSpJTodlsNQomAVHWa-1iQtbABJx1O4FBP1G25mVHH2Bl0oJT3M-qCXjRQmj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 21:03:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B3A 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:54:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13637
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 07:54:42 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7846 0
26 B 148ms
73ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 21:03:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bska2KqWKYpiDDMLV7_UP8eyCiAcAAAAAOAHgBAI&bg=!7-yl7KjNAAZ4vKt9WLw7ACkAdvg8WoT2lumPBNaO8fmf-FcBtzLJ2M-RFP9hQ9ubJhM4j5GFv2GlSgIAAABVUgAAAAJoAQeZAtNPaZP1H-LmEJdLXOkxN4dxCeA5OpddPHShBjyEkJ1BWtWQcOpJ7fgtjsK7VxhWx48WqwelrbkynCTwXg-XW8Cz-gHlU3hTNGLMJcAXudmPh0mBnfS3hLHrfyH6QBAr95nbdw_35UsOg1sppQ4YxEJhYQ-bZ0i2dJdlzfbSldHJdxX4c-3quA_3koJXGh_DGu-5JV2Dy0j1x2wC3xcVDoLkDeRuffYoTFVhjyGM99RtgPmOLbcE8zqFfzi-Zgay9uv6PQN--D8llNkYEzbP5uHD_XBJbi8-nb8RbmpVwsBBGH4FJCWIVfnqMHDxSySts38Z5kAPoG7OquGgDIJ6ky00GspkemT2eorSCe_OqOV9_C8lbu_Ai5VyIKMKxv3sD7J8AUM3G4dPU4h9So3BdpsLGdbPcdW5Leo9EyO-Z-7Wd9D1wg4b7NocPQAkuEC2LyKxCa9DfPmpORierhLXxDwqVXEgpwWxtW1ex91-QDE1iFUN0U0lne76_7HVoIoHJ8f8an38IGbCodTtrePMRnlJnwAqi0zkfeGGfE9qvueSKmwwuKa0SFsD9tOhsH59JYOErl2MexKlOFPTORGAJcNckW2kG_uvcAtWlbGVgPVE1Vh3QwMcNgKKPhKJ22cQwiLnlOEzv68j6T0uZ_yBlcGElp42gQfPp00gxFBOKVTLV0nKLbZ7N0oajzpVkcFDavwDTOtIMC9OISMjapYt8XasG3kT_MD_f6we-hWDPHvXYTsmc0m_LneOM5We6HHVysPbUTPuDmhyRGCPk1vY1FEXRvRvWnWkzBFgm2SWCa3dQ2jnRTmAJ9ur6meSHWJ0-XZplbVufBAy8Ct_eZKfWomJqz9xqPzbCkHF0YvxWxTCxov5ngKqxbfJvor2OMTyRdQ7yOr5wBaFK2bkBa2_b9Hnq6r03Ps5iMXci9PooFntX4D_7VGnF19gQDyVOHksM0lzcOQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C568 0
0 76ms
75ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpFAFKaWKYvrZA_vQ1fAPzoqouAzv4Pv0aaeCkey1DdvZHhABIJ-5lSRglYKAgJgHoAGU1u7VA8gBCagDAaoE1QFP0AiVvDlNWkWqphzDQ3ViSE5_fA9fqvstwojrhwhsm0NO9Bb2WJjJsE0Tf7VgNld--O1kVqEKtyWOy5mmL_lr1XhB9awuOMY5nbDNKEYkbWb5E06PmlP3pHU-qzpeOX7DqmDenEbFtnUTzJuBaXhgLRy5Fv1aYJK-c-H9_Kjz78LjycvSFNnVC-Zo19wF5E5Efcrr63Z4Yx0ZQlW4LO70eRd1EB_6cz0qQhnln4jEHIVosIRI41nKdU362un0QQtaVNGRMt8WjtVrCkjc_njpZ8Tp6lrABISh4Lu6A5IFBAgEGAGSBQQIBRgEoAYugAfUqZEqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhuoe0ggJCIDhgBAQARgfgAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTc3Mzc3MDQxMjAwNzQ3NzcYAA&sigh=RLSOjpfkrpM&vt=1&template_id=484&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 21:03:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C568 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurluGqzfkHEV0LQ6qRVGcpFVaq68g7FNxn5RzP7dqzzzOFr7yCJeOc3N_UV076cv_mI13vkTlIRqWIEEOYlYGeA1LMUDWInXaRpuDh-xGBcqEXyuC879jtBy3pDN7hL-mXddEIPxoRQZrAp-WzDII&sai=AMfl-YQPM5Hv3y-GSrhbC9Cma9IwHqRgWWFPfwH7Hvrv8ILfZ25683p6A_Xz6Cs1UKABInIusn9FQSsIovjcQgrgzFFOG7UKMWR2wCI6KA1YtDq81bURz3DXZCqbFJyi&sig=Cg0ArKJSzCBjx4OEuz7WEAE&cid=CAASF-RoUeZdlqnjBHEotoDhDn_aMMu4dx_K&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=124,791,1002,1146,1146&tos=124,667,211,144,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653253417630&rpt=296&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 21:03:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ21adZviTwCxEjUtZ8hGfY&google_cver=1&google_push=AYg5qPJwwhqbl6d5mIXCXZTTJA-hm1knDYQttfcb2MEdpgGsqkN3pnASE5RQRXoGiyr-g1APwfL0o-30Yuf_88wdzaj3E5DuzJY2

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.getnews.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6b52169e2b8ffe92c4a2a69b913619e7
.getnews.info/	1970-01-20 20:45:25	Name: _ga Value: GA1.2.1890701765.1653253416
.getnews.info/	1970-01-20 03:15:39	Name: _gid Value: GA1.2.1787172236.1653253416
.getnews.info/	1970-01-20 03:14:13	Name: _gat_gtag_UA_47275228_1 Value: 1
.getnews.info/	1970-01-20 12:35:49	Name: __gads Value: ID=f5acf7c4ee3787d0-22b943099bcd00cf:T=1653253416:RT=1653253416:S=ALNI_MYuJqnE7Sk9NuEaDQJO-uez9P8NaQ
.doubleclick.net/	1970-01-20 12:35:49	Name: IDE Value: AHWqTUkRFylgmR2IzSHb_4MbUXR18CefdAx1_uTxGttKmuit5ETa6j1S7hZC6QBlaJo
.quantserve.com/	1970-01-20 05:23:49	Name: d Value: ECcBCQGZJoEA
.quantserve.com/	1970-01-20 12:44:27	Name: mc Value: 628aa529-dcdae-17937-2e022
.agkn.com/	1970-01-20 11:59:49	Name: u Value: C\|0CEAqHWGpKh1hqQAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 11:59:49	Name: ab Value: 0001%3ALDS70ulUcrk8uGC0np7V%2F8hPLiJkgimH
.casalemedia.com/	1970-01-20 05:23:49	Name: CMPS Value: 3260
.rlcdn.com/	1970-01-20 11:59:49	Name: rlas3 Value: C1g0zJuwTmFRBCdcU17FLZq6wFZDzTtz5woN6+6kP/4=
.rlcdn.com/	1970-01-20 04:40:37	Name: pxrc Value: CKrKqpQGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 03:15:39	Name: CMST Value: YoqlKmKKpSoA
.casalemedia.com/	1970-01-20 11:59:49	Name: CMID Value: YoqlKgbGi4n9vAKIMtj4iwAA
.casalemedia.com/	1970-01-20 05:23:49	Name: CMPRO Value: 1210
.pubmatic.com/	1970-01-20 03:15:39	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 11:59:49	Name: CMRUM3 Value: 2d628aa52a2760CAESEKiwB7Yau4Ju1O5sXqmgVjU
.adnxs.com/	1970-01-20 05:23:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>5g417m!]tbPl1M>e)ZlrFUfJ+tGXxoXD^)?EI-CcWP:?HI?s2$`QTq8gZsk@5]2@-r3If)y3KL9D3I?+3RB=+.
.adnxs.com/	1970-01-20 05:23:49	Name: uuid2 Value: 105365508937092392
.pubmatic.com/	1970-01-20 05:23:49	Name: KADUSERCOOKIE Value: B9F4027D-BDEB-4A86-9BC4-AD51CAEA9BBC

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ21adZviTwCxEjUtZ8hGfY&google_cver=1&google_push=AYg5qPJwwhqbl6d5mIXCXZTTJA-hm1knDYQttfcb2MEdpgGsqkN3pnASE5RQRXoGiyr-g1APwfL0o-30Yuf_88wdzaj3E5DuzJY2 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
getnews.info
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.getnews.info
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.36.113.23
142.250.184.194
142.250.185.194
142.250.185.70
178.250.0.162
178.250.2.135
178.250.2.148
184.87.213.8
185.33.221.13
2606:4700:3038::6815:e9e1
2606:4700:3038::6815:e9e2
2606:4700::6811:190e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4014:80b::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
3.68.169.133
35.227.252.103
35.244.174.68
52.214.225.206
69.173.144.165
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c78238de1ae2075cab11bb66e73e1aa82f8357532868cf38ae3ff6c9ea1dccd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1f7172247f379e3f6f7b21b67411f10823a37eaf446c76d9f1185524eeb83c16
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
31770ca4ef4c5099b03c37b5a107cbdd6cbff1fbd6e5194ad39c2173b15041df
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
382889d5c2f97354c3426d5005771033b17c30653d7fed2ea633f78fd2ddb66f
38ce2a9005a58b8ca5bc7af63825f3050e8b697665bcdaaf8cfef5f01e2d0bd5
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8133f9ff3d5ddfa526a8a06252211430b695a31b8a02cdbaf4e538a8080610
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebe881c35b965e72d116592794d77f7477201877e37424795ffeb7ac285c4c3
4f14f0c03469d8508ea3ef1a35fb9e27c01a418fadfc7a5cfb6266374042edf5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b2388ae06291f924112e1a26f544afce14e266a01d73edf9bd501e009f5904
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3d071811110f9a46ff8f7da8c77f2bd62580fbc0e1cd011567317c0b73c305
5b599ef45d134305b3d6189bcde1c5493165a52eb7d10a328eaa150f7cd08105
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
672c82ac45f895a1f8c8d1be46a0b3ba277bb391d17d3e60c832d681c70885fe
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cabc8ea77f53d1f458b7f8e3ecf68a4169d89fe5fdbfd6b53963b15e89f4db5
6ea3d9c276488f4645e84b2c004a5221ee0abb79acd6273c833f70f73a52ea08
71b4e2a512890cef60615db24416e171ae582aab74f0f589c1fd783064bbb1f0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
896f1b327c96443e3a5c8ba1122fd03883ed064d705ebef41da9b3547fb0e4b5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94613efe04efef145250b3fd9c70ef82969f48ddaeada6f918d64cb8ecc66f70
94787832cd91fc7be01b051ba1ce59194fc5ae342393f9d25f46cbe51d5c2e3e
9571d6c0233b0d55c5a3d946fd8ca78c72114a0850d9ff48acccbe69dc3b8903
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
afcf8cb9d6da5bbc01d855c13b70df8b591f8b6c9a86ae164356dfdc34a0ad08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16fbf388b4fc3af276d5ecb0e2e6caaeea8b4af46e001b5d65c80d25faa7866
b1d1f531341e4076743c61caa2deae6e5e461d8321f30a7caf47681a689f4101
b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
beed3c7b010dd94e0d869802272cf75b8b097b162550a393c54828fa508f26d1
beee1ec326e80f61d260a90b60c085d8074113165a1b19ab80417468a256d6a0
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cb017ca6b47e43df32055138dc707e8166a1eb42b9dd9db40cee98b93a0455f9
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
d299a969e1ba8a952652362a480f80d0e8d89d6917e6b162f8220f88d9270970
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f2b8cd47d3328f3014507e1574595419bb25e9507ba8a618af6ae47099c881c9
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

www.getnews.info Open in urlscan Pro 2606:4700:3038::6815:e9e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

88 %HTTPS

61 %IPv6

25 Domains

38 Subdomains

33 IPs

6 Countries

1831 kBTransfer

3919 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.getnews.info Open in urlscan Pro
2606:4700:3038::6815:e9e2 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

88 %
HTTPS

61 %
IPv6

25
Domains

38
Subdomains

33
IPs

6
Countries

1831 kB
Transfer

3919 kB
Size

21
Cookies

159 HTTP transactions
4 data transactions