news-af.feednews.com Open in urlscan Pro
82.145.213.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Submission: On February 19 via manual (February 19th 2022, 5:33:35 am UTC) from PH — Scanned from DE

Summary HTTP 86 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 17 domains to perform 86 HTTP transactions. The main IP is 82.145.213.6, located in Norway and belongs to NO-OPERA, NO. The main domain is news-af.feednews.com. The Cisco Umbrella rank of the primary domain is 23495.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 13th 2021. Valid for: a year.

This is the only time news-af.feednews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	82.145.213.6 82.145.213.6	39832 (NO-OPERA) (NO-OPERA)
2	162.159.129.82 162.159.129.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.18.243 104.18.18.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9968	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
86	20

10 82.145.213.6 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: news-af.op-mobile.opera.com

news-af.feednews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-af-2.feednews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.129.82 (None, )

ASN13335 (CLOUDFLARENET, US)

res.6chcdn.feednews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.243 (None, )

ASN13335 (CLOUDFLARENET, US)

res-odx.op-mobile.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

s.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb::5f64:9968 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	366 KB
14	opera.com res-odx.op-mobile.opera.com — Cisco Umbrella Rank: 185729 s.adx.opera.com — Cisco Umbrella Rank: 42407 res.adx.opera.com — Cisco Umbrella Rank: 61469 t.adx.opera.com — Cisco Umbrella Rank: 4025	64 KB
12	feednews.com news-af.feednews.com — Cisco Umbrella Rank: 23495 res.6chcdn.feednews.com — Cisco Umbrella Rank: 33759 news-af-2.feednews.com — Cisco Umbrella Rank: 88744	240 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	140 KB
9	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	97 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	114 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	730 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269	892 B
2	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 2553	603 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 585	699 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9027	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
86	17

	Domain	Requested by
18	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	news-af.feednews.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	news-af.feednews.com	news-af.feednews.com
6	fonts.gstatic.com	fonts.googleapis.com
5	t.adx.opera.com
4	res.adx.opera.com	s.adx.opera.com
4	s.adx.opera.com	res-odx.op-mobile.opera.com res.adx.opera.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	news-af-2.feednews.com	news-af.feednews.com
2	eb2.3lift.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	an.yandex.ru	2 redirects
2	creativecdn.com	2 redirects
2	ib.adnxs.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	res.6chcdn.feednews.com	news-af.feednews.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	res-odx.op-mobile.opera.com	news-af.feednews.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	news-af.feednews.com
86	26

This site contains links to these domains. Also see Links.

Domain
fusemag.co.za
www.techarp.com
hub.opera.com
www.operanewsapp.com

Subject Issuer	Validity	Valid
*.feednews.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-08-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh
download.operachina.com R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Frame ID: 339994FD07C0D95C269EB1484F98EE32
Requests: 25 HTTP requests in this frame

Frame: https://s.adx.opera.com/aframe
Frame ID: 17163FDBB232BED0BB5CC112C4B63E8A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: BE3FA1D087CB4B7AE3B4C1CE4FD8EC21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&adk=1812271804&adf=3025194257&lmt=1645248810&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810408&bpp=2&bdt=1530&idt=202&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8056209827208&frm=20&pv=2&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: 39CEDC0EE4AD5426457D86973E3D107A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=2955907309&adk=1733093989&adf=3927839168&pi=t.ma~as.2955907309&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810410&bpp=1&bdt=1532&idt=223&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zQuxq8Bi1X&p=https%3A//news-af.feednews.com&dtd=227
Frame ID: 8DBE440BE1EA93EC0DFB192F84C4E0D9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=4612603903&adk=3574579233&adf=2254609832&pi=t.ma~as.4612603903&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810411&bpp=1&bdt=1533&idt=235&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DeCinMWVYH&p=https%3A//news-af.feednews.com&dtd=237
Frame ID: 3BD2C310AD16110A8E0C5CFACFD7755A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=6249119200&adk=3269718045&adf=1367071725&pi=t.ma~as.6249119200&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810412&bpp=1&bdt=1535&idt=240&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8uGmXVVotS&p=https%3A//news-af.feednews.com&dtd=241
Frame ID: BA61BD19F8FD068CF8AF49443734A20A
Requests: 15 HTTP requests in this frame

Frame: https://s.adx.opera.com/pagead?pk=s3349331957248&w=1567&h=0&fpil=0&cc=US&conn=UNKNOWN&dt=DESKTOP&lc=en&opr=&ost=WINDOWS&osv=10&pkg=news-af.feednews.com&tk=ff0a1217e3bcdc6e7ea76608859a1b7f&ts=1645248810&uc=true&uid=5a95d436-6263-4407-a82b-da3de8380acd&bl=en-US&cst=UTF-8&debug=false&rf=&sch=4953&scl=0&sct=0&scw=1600&title=QmlsbCBHYXRlcyBoYXMgZGVtYW5kZWQgdGhhdCBhbGwgQ292aWQgMTkgdmFjY2luZXMgYmUgd2l0aGRyYXduIGluIGFsbCBhbHRlcm5hdGUgdW5pdmVyc2U%2FIC0gT3BlcmEgTmV3cyBPZmZpY2lhbA%3D%3D&tz=GMT%2B0000&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&vph=1200&vpw=1600&vr=news-af.feednews.com&ct=BIG_CARD&ct=DISPLAY_HTML_180x150&ct=DISPLAY_HTML_250x250&ct=DISPLAY_HTML_300x100&ct=DISPLAY_HTML_300x250&ct=DISPLAY_HTML_300x50&ct=DISPLAY_HTML_300x600&ct=DISPLAY_HTML_320x100&ct=DISPLAY_HTML_320x140&ct=DISPLAY_HTML_320x480&ct=DISPLAY_HTML_320x50&ct=DISPLAY_HTML_336x280&ct=DISPLAY_HTML_360x375&ct=DISPLAY_HTML_468x60&ct=DISPLAY_HTML_728x90&ct=NATIVE_BANNER_2x1&ct=NATIVE_BANNER_3x1&ct=NATIVE_BANNER_4x1&ct=NATIVE_BANNER_5x1&ct=NATIVE_BANNER_6x1&ct=NATIVE_BANNER_6x5&ct=NATIVE_SMALL_BANNER&ct=JS_TAG&ct=JS_TAG_LIST&ct=SMALL_CARD&ct=VIDEO_16x9&ct=VIDEO_9x16&ct=VAST_3_URL&ct=VAST_3_XML&pubcid=668a7699-a1fc-468d-ab63-7981f9d673a0
Frame ID: D5E0641DD79D63635EA3FD78AA665D85
Requests: 1 HTTP requests in this frame

Frame: https://s.adx.opera.com/pagead?pk=s3480327769472&w=1567&h=0&fpil=0&cc=US&conn=UNKNOWN&dt=DESKTOP&lc=en&opr=&ost=WINDOWS&osv=10&pkg=news-af.feednews.com&tk=ff0a1217e3bcdc6e7ea76608859a1b7f&ts=1645248810&uc=true&uid=5a95d436-6263-4407-a82b-da3de8380acd&bl=en-US&cst=UTF-8&debug=false&rf=&sch=4953&scl=0&sct=0&scw=1600&title=QmlsbCBHYXRlcyBoYXMgZGVtYW5kZWQgdGhhdCBhbGwgQ292aWQgMTkgdmFjY2luZXMgYmUgd2l0aGRyYXduIGluIGFsbCBhbHRlcm5hdGUgdW5pdmVyc2U%2FIC0gT3BlcmEgTmV3cyBPZmZpY2lhbA%3D%3D&tz=GMT%2B0000&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&vph=1200&vpw=1600&vr=news-af.feednews.com&ct=BIG_CARD&ct=DISPLAY_HTML_180x150&ct=DISPLAY_HTML_250x250&ct=DISPLAY_HTML_300x100&ct=DISPLAY_HTML_300x250&ct=DISPLAY_HTML_300x50&ct=DISPLAY_HTML_300x600&ct=DISPLAY_HTML_320x100&ct=DISPLAY_HTML_320x140&ct=DISPLAY_HTML_320x480&ct=DISPLAY_HTML_320x50&ct=DISPLAY_HTML_336x280&ct=DISPLAY_HTML_360x375&ct=DISPLAY_HTML_468x60&ct=DISPLAY_HTML_728x90&ct=NATIVE_BANNER_2x1&ct=NATIVE_BANNER_3x1&ct=NATIVE_BANNER_4x1&ct=NATIVE_BANNER_5x1&ct=NATIVE_BANNER_6x1&ct=NATIVE_BANNER_6x5&ct=NATIVE_SMALL_BANNER&ct=JS_TAG&ct=JS_TAG_LIST&ct=SMALL_CARD&ct=VIDEO_16x9&ct=VIDEO_9x16&ct=VAST_3_URL&ct=VAST_3_XML&pubcid=668a7699-a1fc-468d-ab63-7981f9d673a0
Frame ID: 82D3476AA4397D1838BCF92D074CBA80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E505C6D80B10BA830C691F3821AFF50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DC38097978C7B513254D94C6C5BF663
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Frame ID: ACAAB250128FC1D8B10DEC24B0A88857
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Frame ID: 0AFE9929584B4ABFEE5CB9E1765E4103
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Frame ID: B2DFD9D0753908DD934D8EF77134E5E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bill Gates has demanded that all Covid 19 vaccines be withdrawn in all alternate universe? - Opera News Official

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

86
Requests

93 %
HTTPS

63 %
IPv6

17
Domains

26
Subdomains

20
IPs

7
Countries

1084 kB
Transfer

2575 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://fusemag.co.za/covid-is-a-scam-and-lockdown-is-not-acceptable/
Title: https://fusemag.co.za/covid-is-a-scam-and-lockdown-is-not-acceptable/

Search URL Search Domain Scan URL

URL: https://www.techarp.com/science/bill-gates-withdraw-covid-vaccines/
Title: https://www.techarp.com/science/bill-gates-withdraw-covid-vaccines/

Search URL Search Domain Scan URL

URL: https://hub.opera.com/
Title: From Opera News

Search URL Search Domain Scan URL

URL: https://www.operanewsapp.com/select-country
Title: Home

Search URL Search Domain Scan URL

URL: https://www.operanewsapp.com/za/en
Title: Country

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ib.adnxs.com/getuid?https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60141%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ft.adx.opera.com%252Fsync%253Fvendor%253D60141%2526uid%253D%2524UID HTTP 302
https://t.adx.opera.com/sync?vendor=60141&uid=6059698798055169538

Request Chain 36

https://creativecdn.com/cm-notify?pi=opera HTTP 302
https://creativecdn.com/cm-notify?pi=opera&tc=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60039&uid=ibYaFA8ySjji0sIg56ZP&pi=opera&tc=1

Request Chain 37

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=19F0113274645707

Request Chain 38

https://ups.analytics.yahoo.com/ups/58484/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58484/occ?verify=true HTTP 302
https://t.adx.opera.com/sync?vendor=60112&uid=y-WDIXtv9E2uFnT2cKBecxB2ksY45y7YU_9tnt3I8-~A

Request Chain 39

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID HTTP 302
https://t.adx.opera.com/sync?vendor=60124&uid=214924437215111384383

86 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 7a2fd6f58232f8c4d8f418f436689c43 Show response
news-af.feednews.com/news/detail/ 18 KB
7 KB 382ms
19ms Document
text/html 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: c4ccb604e925b3e11823f3497444a3eeab1c12ab946717f0eb68d542b9412930

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Tengine
date: Sat, 19 Feb 2022 05:33:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=86400
cache-tag: 7a2fd6f58232f8c4d8f418f436689c43
edge-cache-tag: 7a2fd6f58232f8c4d8f418f436689c43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,User-Id,Device-Id,Access-Type,App-Product,Country,Language,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With,XFILENAME,XFILECATEGORY,XFILESIZE,Signature
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
content-encoding: gzip

GET
H2 200 tpl-common.css
news-af.feednews.com/static/css/ 15 KB
4 KB 15ms
15ms Stylesheet
text/css 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/css/tpl-common.css?v=3.2
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: fa27047926fdd10529ae8f8c6d61b9093b1e49253b9791bffa750595601e3ce2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:47 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 a3d6aff20abf474bbb8d908bb0fd110d
res.6chcdn.feednews.com/assets/v2/ 52 KB
53 KB 59ms
18ms Image
image/webp 162.159.129.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.6chcdn.feednews.com/assets/v2/a3d6aff20abf474bbb8d908bb0fd110d?quality=uhq&format=webp&resize=720
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfa7758918ac303487b91e3ebbeda2edf1044dd4cbee275abb3c78cfc55a5ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 15:41:04 GMT
server: cloudflare
age: 49944
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: 20220218T15,20220218T,a3d6aff20abf474bbb8d908bb0fd110d
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6dfd1edfeb53692d-FRA
content-length: 53652
expires: Sun, 19 Feb 2023 05:33:28 GMT

GET
H2 200 b45d6c6b02d74292b8be4c0066cef3d1
res.6chcdn.feednews.com/assets/v2/ 47 KB
47 KB 61ms
22ms Image
image/webp 162.159.129.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.6chcdn.feednews.com/assets/v2/b45d6c6b02d74292b8be4c0066cef3d1?quality=uhq&format=webp&resize=720
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.82 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd674aabd5510ce72be12dea8d186aa3f6b28c390901781942ea4f529cce455

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 15:41:04 GMT
server: cloudflare
age: 49944
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
edge-cache-tag: 20220218T15,20220218T,b45d6c6b02d74292b8be4c0066cef3d1
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6dfd1edfeb56692d-FRA
content-length: 48370
expires: Sun, 19 Feb 2023 05:33:28 GMT

GET
H2 200 mini-page.css
news-af.feednews.com/static/css/ 26 KB
6 KB 16ms
15ms Stylesheet
text/css 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/css/mini-page.css?2707b09e02433ab8bf9a
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: 4776b907f487ea36b4779c4f353892ebd4cc6d5e1018e2cefa424aea1b76dccb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:43 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css; charset=utf-8

GET
H2 200 mini_page.js Show response
news-af.feednews.com/static/js/ 238 KB
59 KB 16ms
15ms Script
application/javascript 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: d3300e9f9b44f6bbfcd1483559be3858022ac27c6b95d9c3357ddab00e6697cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:47 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf8

GET
H2 200 v0.js Show response
news-af.feednews.com/static/js/ 180 KB
58 KB 29ms
28ms Script
application/javascript 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/js/v0.js
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: 5ea2a4ffb029bcd7f513695bd1fa5e2930fb16d53dbb734dfaefd15b85bf7e64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:43 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf8

GET
H2 200 lazysizes.min.js Show response
news-af.feednews.com/static/js/ 7 KB
3 KB 42ms
42ms Script
application/javascript 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/js/lazysizes.min.js
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: 19baea3033c190d3423f6da8296efea37448b54df3f5dd76acdb39037e6d66e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:47 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf8

GET
H2 200 gtaglist.js Show response
news-af.feednews.com/static/js/ 1 KB
779 B 16ms
16ms Script
application/javascript 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af.feednews.com/static/js/gtaglist.js
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: b89a38e0031c4e0f3dddf6514aaa82d8c99d7a2deb66b6aeb6e6edae40dead22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/news/detail/7a2fd6f58232f8c4d8f418f436689c43?client=news
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:28 GMT
cache-control: max-age=2592000
last-modified: Fri, 18 Feb 2022 06:44:43 GMT
server: Tengine
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=utf8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 138ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136595950-15

Requested by

Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/gtaglist.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cfce64d0b1c018ef2215a78dc76d1ae65674b91e57c58ebe6ddca235632134c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37309
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Feb 2022 05:33:29 GMT

POST
H2 200 log_extra_events Show response
news-af-2.feednews.com/za/en/ 0
326 B 304ms
14ms XHR
text/plain 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af-2.feednews.com/za/en/log_extra_events
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news-af.feednews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 19 Feb 2022 05:33:29 GMT
access-control-allow-credentials: true
server: Tengine
access-control-allow-headers: Authorization,Content-Type,User-Id,Device-Id,Access-Type,App-Product,Country,Language,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With,XFILENAME,XFILECATEGORY,XFILESIZE,Signature
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE

POST
H2 200 log_extra_events Show response
news-af-2.feednews.com/za/en/ 0
325 B 305ms
14ms XHR
text/plain 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af-2.feednews.com/za/en/log_extra_events
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news-af.feednews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 19 Feb 2022 05:33:29 GMT
access-control-allow-credentials: true
server: Tengine
access-control-allow-headers: Authorization,Content-Type,User-Id,Device-Id,Access-Type,App-Product,Country,Language,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With,XFILENAME,XFILECATEGORY,XFILESIZE,Signature
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136595950-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5317
date: Sat, 19 Feb 2022 04:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 19 Feb 2022 06:04:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 47ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1751471073&t=pageview&_s=1&dl=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&ul=en-us&de=UTF-8&dt=Bill%20Gates%20has%20demanded%20that%20all%20Covid%2019%20vaccines%20be%20withdrawn%20in%20all%20alternate%20universe%3F%20-%20Opera%20News%20Official&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1953219529&gjid=430978571&cid=1858670246.1645248809&tid=UA-136595950-15&sf=50&_gid=1984814058.1645248809&_r=1&gtm=2ou2g0&z=1504925339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news-af.feednews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news-af.feednews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-136595950-15&cid=1858670246.1645248809&jid=1953219529&gjid=430978571&_gid=1984814058.1645248809&_u=YEBAAUAAAAAAAC~&z=827257273

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news-af.feednews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 19 Feb 2022 05:33:29 GMT
content-type: text/plain
access-control-allow-origin: https://news-af.feednews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 158ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df65e493db2139b408ba8d08de15cad3a3c02db4478eced10c24295daf405d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53536
x-xss-protection: 0
server: cafe
etag: 6185924730607223338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 05:33:30 GMT

POST
H2 200 log_extra_events Show response
news-af-2.feednews.com/za/en/ 0
325 B 14ms
14ms XHR
text/plain 82.145.213.6
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://news-af-2.feednews.com/za/en/log_extra_events
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.6 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: news-af.op-mobile.opera.com
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news-af.feednews.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sat, 19 Feb 2022 05:33:30 GMT
access-control-allow-credentials: true
server: Tengine
access-control-allow-headers: Authorization,Content-Type,User-Id,Device-Id,Access-Type,App-Product,Country,Language,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With,XFILENAME,XFILECATEGORY,XFILESIZE,Signature
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE

GET
H2 200 adsbyopera.js Show response
res-odx.op-mobile.opera.com/ 114 KB
35 KB 64ms
22ms Script
application/javascript 104.18.18.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res-odx.op-mobile.opera.com/adsbyopera.js
Requested by: Host: news-af.feednews.com
URL: https://news-af.feednews.com/static/js/mini_page.js?2707b09e02433ab8bf9a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691a733afc9d8b99b8adc378ae7ac62e7fdae71fd35f6b511b6d2ffef50630d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56868
cf-polished: origSize=116985
last-modified: Wed, 11 Aug 2021 10:23:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6113a513-1c8f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: public, max-age=2678400
cf-ray: 6dfd1ee7e821690a-FRA
expires: Tue, 22 Mar 2022 05:33:30 GMT

GET
H2 200 aframe Show response
s.adx.opera.com/ Frame 1716 752 B
501 B 174ms
16ms Document
text/html 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/aframe
Requested by: Host: res-odx.op-mobile.opera.com
URL: https://res-odx.op-mobile.opera.com/adsbyopera.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 2c22da5a3ae699a15030ff2dd948fb4768da784776867cc0bd834d3941fa45c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

server: Tengine
date: Sat, 19 Feb 2022 05:33:30 GMT
content-type: text/html; charset=utf-8
content-length: 390
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 110ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1883810847636355&plah=news-af.feednews.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 05:33:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame BE3F 10 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 19 Feb 2022 03:10:18 GMT
expires: Sat, 05 Mar 2022 03:10:18 GMT
cache-control: public, max-age=1209600
age: 8592
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK base.709c2c6.chunk.js Show response
res.adx.opera.com/adx/static/js/ Frame 1716 200 B
759 B 153ms
6ms Script
application/javascript 2a02:26f0:fb::5f64:9968
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/base.709c2c6.chunk.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f64:9968 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 6e50c3c0d0dd92899cabafcbee9cc437c3c9e0b52920462955b4a0f43b758daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 05:33:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 129
Last-Modified: Wed, 15 Dec 2021 02:21:35 GMT
Server: Tengine
ETag: "61b9512f-c8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Mon, 21 Mar 2022 05:33:30 GMT

GET
H/1.1 200
OK common.0cf7663.chunk.js Show response
res.adx.opera.com/adx/static/js/ Frame 1716 143 B
749 B 153ms
7ms Script
application/javascript 2a02:26f0:fb::5f64:9968
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/common.0cf7663.chunk.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f64:9968 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 1fda13d33f8a8bd3f9ea1c77bd5be5e609b2c3461ab7b8fa947fecbcf4c55cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 05:33:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 119
Last-Modified: Wed, 15 Dec 2021 02:21:35 GMT
Server: Tengine
ETag: "61b9512f-8f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Mon, 21 Mar 2022 05:33:30 GMT

GET
H/1.1 200
OK runtime~aframe.3025f2d.js Show response
res.adx.opera.com/adx/static/js/ Frame 1716 1 KB
1 KB 153ms
7ms Script
application/javascript 2a02:26f0:fb::5f64:9968
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/runtime~aframe.3025f2d.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f64:9968 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 329420b0a47f69760e4809709789bf3082acff188be0cc3e6986c333eed15072

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 05:33:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 783
Last-Modified: Wed, 15 Dec 2021 02:21:35 GMT
Server: Tengine
ETag: "61b9512f-58f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Mon, 21 Mar 2022 05:33:30 GMT

GET
H/1.1 200
OK aframe.b92f1ef.js Show response
res.adx.opera.com/adx/static/js/ Frame 1716 64 KB
24 KB 154ms
8ms Script
application/javascript 2a02:26f0:fb::5f64:9968
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://res.adx.opera.com/adx/static/js/aframe.b92f1ef.js
Requested by: Host: s.adx.opera.com
URL: https://s.adx.opera.com/aframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f64:9968 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: d23db477141713690f3dae2f5938cfd74a6d28f85415b4a85844f895dd2d3f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 05:33:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 23559
Last-Modified: Thu, 17 Feb 2022 03:02:08 GMT
Server: Tengine
ETag: "620dbab0-10045"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With
Expires: Mon, 21 Mar 2022 05:33:30 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 129ms
46ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=news-af.feednews.com&callback=_gfp_s_&client=ca-pub-1883810847636355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1883810847636355&plah=news-af.feednews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

2bddb635dac3dbc3829f0ee0b38ce8574aa2de3a9c60af5f1467f636ea83e584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 154ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=news-af.feednews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=news-af.feednews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 39CE 0
19 B 182ms
134ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&adk=1812271804&adf=3025194257&lmt=1645248810&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810408&bpp=2&bdt=1530&idt=202&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8056209827208&frm=20&pv=2&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 19 Feb 2022 05:33:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 05:33:30 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 102ms
54ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845fe30b8a8e03d61bd99a2514662b1008b3dc4b071dea06e5f5b9aa3b1e8ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9918
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DBE 89 KB
31 KB 491ms
452ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=2955907309&adk=1733093989&adf=3927839168&pi=t.ma~as.2955907309&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810410&bpp=1&bdt=1532&idt=223&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zQuxq8Bi1X&p=https%3A//news-af.feednews.com&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99bcef986e663ce0c5a810ace3b6a7c0f9c1cbb8d925bb7460e9e6285e2f5af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 05:33:31 GMT
server: cafe
content-length: 32182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 05:33:31 GMT
cache-control: private

GET
H2 200 pixels Show response
s.adx.opera.com/usersync/ Frame 1716 336 B
335 B 40ms
40ms XHR
application/json 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/usersync/pixels?uid=5a95d436-6263-4407-a82b-da3de8380acd&gaid=&oid=
Requested by: Host: res.adx.opera.com
URL: https://res.adx.opera.com/adx/static/js/aframe.b92f1ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 858d4b57253ada9a210366c80c589b70c2bfc099460407c9951a85c37c48ee2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/aframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
server: Tengine
content-length: 221
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BD2 85 KB
30 KB 720ms
692ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=4612603903&adk=3574579233&adf=2254609832&pi=t.ma~as.4612603903&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810411&bpp=1&bdt=1533&idt=235&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DeCinMWVYH&p=https%3A//news-af.feednews.com&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f830f0c441b119c3d592064d5cee4d32b17bffdca9f7540b1bf1a92f896e846d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 05:33:31 GMT
server: cafe
content-length: 31004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 05:33:31 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA61 82 KB
30 KB 685ms
661ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=6249119200&adk=3269718045&adf=1367071725&pi=t.ma~as.6249119200&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810412&bpp=1&bdt=1535&idt=240&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8uGmXVVotS&p=https%3A//news-af.feednews.com&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e441a61b10a868d825a33e198de1a3fa9f10ade1eea5c9d9e234e37fdd8055c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 05:33:31 GMT
server: cafe
content-length: 30748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 05:33:31 GMT
cache-control: private

GET
H2 202 pagead Show response
s.adx.opera.com/ Frame D5E0 102 B
226 B 359ms
359ms Document
text/html 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/pagead?pk=s3349331957248&w=1567&h=0&fpil=0&cc=US&conn=UNKNOWN&dt=DESKTOP&lc=en&opr=&ost=WINDOWS&osv=10&pkg=news-af.feednews.com&tk=ff0a1217e3bcdc6e7ea76608859a1b7f&ts=1645248810&uc=true&uid=5a95d436-6263-4407-a82b-da3de8380acd&bl=en-US&cst=UTF-8&debug=false&rf=&sch=4953&scl=0&sct=0&scw=1600&title=QmlsbCBHYXRlcyBoYXMgZGVtYW5kZWQgdGhhdCBhbGwgQ292aWQgMTkgdmFjY2luZXMgYmUgd2l0aGRyYXduIGluIGFsbCBhbHRlcm5hdGUgdW5pdmVyc2U%2FIC0gT3BlcmEgTmV3cyBPZmZpY2lhbA%3D%3D&tz=GMT%2B0000&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&vph=1200&vpw=1600&vr=news-af.feednews.com&ct=BIG_CARD&ct=DISPLAY_HTML_180x150&ct=DISPLAY_HTML_250x250&ct=DISPLAY_HTML_300x100&ct=DISPLAY_HTML_300x250&ct=DISPLAY_HTML_300x50&ct=DISPLAY_HTML_300x600&ct=DISPLAY_HTML_320x100&ct=DISPLAY_HTML_320x140&ct=DISPLAY_HTML_320x480&ct=DISPLAY_HTML_320x50&ct=DISPLAY_HTML_336x280&ct=DISPLAY_HTML_360x375&ct=DISPLAY_HTML_468x60&ct=DISPLAY_HTML_728x90&ct=NATIVE_BANNER_2x1&ct=NATIVE_BANNER_3x1&ct=NATIVE_BANNER_4x1&ct=NATIVE_BANNER_5x1&ct=NATIVE_BANNER_6x1&ct=NATIVE_BANNER_6x5&ct=NATIVE_SMALL_BANNER&ct=JS_TAG&ct=JS_TAG_LIST&ct=SMALL_CARD&ct=VIDEO_16x9&ct=VIDEO_9x16&ct=VAST_3_URL&ct=VAST_3_XML&pubcid=668a7699-a1fc-468d-ab63-7981f9d673a0
Requested by: Host: res-odx.op-mobile.opera.com
URL: https://res-odx.op-mobile.opera.com/adsbyopera.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 03ea881a00594822dc01283736e76f405340057960f82fea71f6473cf22c5a48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

server: Tengine
date: Sat, 19 Feb 2022 05:33:31 GMT
content-type: text/html; charset=utf-8
content-length: 112
content-encoding: gzip
vary: Accept-Encoding

GET
H2 202 pagead Show response
s.adx.opera.com/ Frame 82D3 102 B
226 B 187ms
187ms Document
text/html 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adx.opera.com/pagead?pk=s3480327769472&w=1567&h=0&fpil=0&cc=US&conn=UNKNOWN&dt=DESKTOP&lc=en&opr=&ost=WINDOWS&osv=10&pkg=news-af.feednews.com&tk=ff0a1217e3bcdc6e7ea76608859a1b7f&ts=1645248810&uc=true&uid=5a95d436-6263-4407-a82b-da3de8380acd&bl=en-US&cst=UTF-8&debug=false&rf=&sch=4953&scl=0&sct=0&scw=1600&title=QmlsbCBHYXRlcyBoYXMgZGVtYW5kZWQgdGhhdCBhbGwgQ292aWQgMTkgdmFjY2luZXMgYmUgd2l0aGRyYXduIGluIGFsbCBhbHRlcm5hdGUgdW5pdmVyc2U%2FIC0gT3BlcmEgTmV3cyBPZmZpY2lhbA%3D%3D&tz=GMT%2B0000&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&vph=1200&vpw=1600&vr=news-af.feednews.com&ct=BIG_CARD&ct=DISPLAY_HTML_180x150&ct=DISPLAY_HTML_250x250&ct=DISPLAY_HTML_300x100&ct=DISPLAY_HTML_300x250&ct=DISPLAY_HTML_300x50&ct=DISPLAY_HTML_300x600&ct=DISPLAY_HTML_320x100&ct=DISPLAY_HTML_320x140&ct=DISPLAY_HTML_320x480&ct=DISPLAY_HTML_320x50&ct=DISPLAY_HTML_336x280&ct=DISPLAY_HTML_360x375&ct=DISPLAY_HTML_468x60&ct=DISPLAY_HTML_728x90&ct=NATIVE_BANNER_2x1&ct=NATIVE_BANNER_3x1&ct=NATIVE_BANNER_4x1&ct=NATIVE_BANNER_5x1&ct=NATIVE_BANNER_6x1&ct=NATIVE_BANNER_6x5&ct=NATIVE_SMALL_BANNER&ct=JS_TAG&ct=JS_TAG_LIST&ct=SMALL_CARD&ct=VIDEO_16x9&ct=VIDEO_9x16&ct=VAST_3_URL&ct=VAST_3_XML&pubcid=668a7699-a1fc-468d-ab63-7981f9d673a0
Requested by: Host: res-odx.op-mobile.opera.com
URL: https://res-odx.op-mobile.opera.com/adsbyopera.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 03ea881a00594822dc01283736e76f405340057960f82fea71f6473cf22c5a48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

server: Tengine
date: Sat, 19 Feb 2022 05:33:30 GMT
content-type: text/html; charset=utf-8
content-length: 112
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sync
t.adx.opera.com/ Frame 1716
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60141%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ft.adx.opera.com%252Fsync%253Fvendor%253D60141%2526uid%253D%2524UID
https://t.adx.opera.com/sync?vendor=60141&uid=6059698798055169538

0
321 B

37ms
19ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60141&uid=6059698798055169538
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 05:33:30 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 064d259d-f54b-462d-b053-86e47f3ba2f1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://t.adx.opera.com/sync?vendor=60141&uid=6059698798055169538
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 1716
Redirect Chain

https://creativecdn.com/cm-notify?pi=opera
https://creativecdn.com/cm-notify?pi=opera&tc=1
https://t.adx.opera.com/sync?vendor=60039&uid=ibYaFA8ySjji0sIg56ZP&pi=opera&tc=1

0
321 B

21ms
21ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60039&uid=ibYaFA8ySjji0sIg56ZP&pi=opera&tc=1
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://t.adx.opera.com/sync?vendor=60039&uid=ibYaFA8ySjji0sIg56ZP&pi=opera&tc=1
pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT, Sat, 19 Feb 2022 05:33:30 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 1716
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=19F0113274645707

0
321 B

19ms
19ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=19F0113274645707
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
last-modified: Sat, 19 Feb 2022 05:33:30 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=19F0113274645707
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 19 Feb 2022 05:33:30 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 1716
Redirect Chain

https://ups.analytics.yahoo.com/ups/58484/occ
https://ups.analytics.yahoo.com/ups/58484/occ?verify=true
https://t.adx.opera.com/sync?vendor=60112&uid=y-WDIXtv9E2uFnT2cKBecxB2ksY45y7YU_9tnt3I8-~A

0
321 B

27ms
27ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60112&uid=y-WDIXtv9E2uFnT2cKBecxB2ksY45y7YU_9tnt3I8-~A
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:31 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://t.adx.opera.com/sync?vendor=60112&uid=y-WDIXtv9E2uFnT2cKBecxB2ksY45y7YU_9tnt3I8-~A
date: Sat, 19 Feb 2022 05:33:31 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
t.adx.opera.com/ Frame 1716
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D$UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60124%26uid%3D%24UID
https://t.adx.opera.com/sync?vendor=60124&uid=214924437215111384383

0
321 B

53ms
20ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60124&uid=214924437215111384383
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adx.opera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:30 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://t.adx.opera.com/sync?vendor=60124&uid=214924437215111384383
date: Sat, 19 Feb 2022 05:33:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
60ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 05:33:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E50 13 KB
5 KB 88ms
39ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Feb 2022 15:25:33 GMT
expires: Sat, 18 Feb 2023 15:25:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 50877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6DC3 783 B
1 KB 139ms
51ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8172dea8749aa8e0527d40072cf644e9071d7e3311b43bfa905ed3fb2fffbf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZoPKNiz3SjaJ1UTzma2W9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Feb 2022 05:33:31 GMT
date: Sat, 19 Feb 2022 05:33:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ZoPKNiz3SjaJ1UTzma2W9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E50 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6DC3 0
0 63ms
63ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=1962652258617211&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 9E50 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 8DBE 4 KB
1 KB 133ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=2955907309&adk=1733093989&adf=3927839168&pi=t.ma~as.2955907309&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810410&bpp=1&bdt=1532&idt=223&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zQuxq8Bi1X&p=https%3A//news-af.feednews.com&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 04:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Feb 2022 05:33:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8DBE 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8DBE 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8DBE 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:31:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8DBE 15 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:17:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DBE 124 KB
38 KB 153ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H2 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 8DBE 28 KB
12 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 08:01:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 10:18:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8DBE 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs5LbKoEQYurxKobe3wPz_Y74A_qY37do672lsqwMoJ2Pj5IcEAEgn5CSYGCV4pCCoAegAbrb45gDyAEJqAMByAPLBKoEuwJP0DIek2-H9XKjhOP6u_T9uNIrdZUyxZ3uw6nfype47OKI0CztNzZOwWZJxP3KPDf7LvETpfvf2ZjHSxuC2j3RvO6rNRWE6IG76VuvbQKsGi90jiL4Hu7SNIa8m7zURmgxNF_7p5nQtTpvvpooN_vBqPERRG3jSZkDMZfNbxVyUKHrAgVu6TfaYmsxtX5OIq3zyN12HhZS2Sa70zWBBTmAIm7-XAaXQcEn0Auw9xOU9YpC1vugBpYtyrLbT9OU-aej4legBBdg7BBJ5hkPD18scUEWk0xvlrb5alpBcabcuC5rjHw5xGtrfUDlDOEP38pzL3DcQUMEtMYmPIhl1m0WLNdcvu0ya9fDfUveC9oNPG1wN-1Sn7FN2DqVBt2yX-Wl6wTUEfdrWGyZxMIDw_FjtdbN5ir9Bw1bbHHABOjtpeqjA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeupJxnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsq8g0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xODgzODEwODQ3NjM2MzU1GAA&sigh=tGXWwRoF3oo&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=2955907309&adk=1733093989&adf=3927839168&pi=t.ma~as.2955907309&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810410&bpp=1&bdt=1532&idt=223&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zQuxq8Bi1X&p=https%3A//news-af.feednews.com&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 19 Feb 2022 05:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
DATA 200
OK truncated
/ Frame 8DBE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=1962652258617211&bg=!VlWlVRHNAAbf-5Dq3_s7ACkAdvg8WmWueg-MTZcb0Jh5wt7TvwRRTOsl8ixmrX8rMRLEn7TjWPRnhAIAAABVUgAAAAFoAQeZArLohQW6VGEuBDcHxoMbs3E1okTHjQiVkL1h0117oZ6nN77TBpAtrgJkinyt2HNYtX8D6v5zr-PLc_cugygrcavuADPh6yjpnjKIPRAAgpY0luA6k2L9kGGIlU6N1aW2BmgYYU2fUzNqFkxAeyeGxuO9nWVbOCPPF5aRtNRAQf2Kpo6yNVnqIAstImkUpE5STNFwMSHPhpIAVIPjvDaEQe87Jrs2lROQRO-WZ4kRGu6RANJeY8lvIwdcTK9lGxtl8LR8yXGrYqF5YryUCqLZtk6EFA1JGfeKpc-JoGwWEyrq9A_kyD1-hQUFQQvjnTNPzEAs6_v8ra5xQl1ZiyLBaceroekIWZR4OLw71qeXT2ZBZU_F693PZGgoU61SVbzqnN-bqR7nwknVjDf3yUHnjwBaMPtrDXGziKgNaNXT0XrNSxYoSbYZF1pqdEoVAy8awH9zUm8ej4t1TmTD-es9FW1aUoAazi-5CwO-__Z1qay7-qmtFrDqz37sr74Iq6lHV2oft9oEJw-Qgfj2ETJunOe-sY_MhilzOqd39Cu1AdqPqphxoMF11-l65Ie5y3vUnt3T5RxFLpMvanl26TLBcjkQz1lsRKPRmqGg8vd4ZgD26x_4cqg670h-RY_n2T9ycA3BrBGngA2VCeuRXVEudaAbjCrWKtSyHTPbQdNw1gxpf1mU2fnHpwAC5L2hbF7WgNIXdU2G0e-42gsDfEhEJjUQFkv1BwEDtQKaqk8b4VZZTpPBfpMMUTiEumUrcGYkqjs4WIsqIlGVH_bt16-iOFSt0LgNkYCP2XmMuZyZ56HqHgRBNI66nenNilGWIGdTLwGat-osDr2Ox88D6s_J85tN3agAMlsjSiv_QOGQxT6SbR04T5M3wKhIVpoujj3f5I2axp2eLTwqpknLRML4AaL_m88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://news-af.feednews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8DBE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 667e8e0e9a6d86f2e9ce19ebe167ea475ac1c8ef3f93b7e6c577e7507a2a156c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame BA61 6 KB
670 B 96ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=6249119200&adk=3269718045&adf=1367071725&pi=t.ma~as.6249119200&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810412&bpp=1&bdt=1535&idt=240&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8uGmXVVotS&p=https%3A//news-af.feednews.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 04:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Feb 2022 05:33:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame BA61 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame BA61 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame BA61 2 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:31:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA61 124 KB
38 KB 96ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame BA61 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:17:28 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame BA61 28 KB
11 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 08:01:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 10:18:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA61 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpEwxKoEQYuH7Ku6LjuwP8bmz6AnL_tq9aMCxgIupD5aCzYWIFhABIJ-QkmBgleKQgqAHoAHf4pCYA8gBCakCnSkMHmn-sj6oAwHIA8sEqgSzAk_Q6SbmYOJ2xj2k0Lvokjwq-2PkuDd8Hp7ilLWeBZ0f4kBAQTHeAlGU2ghjxV8M5Fdbxfy1elHx5whFC-94utZIGCvkKvKXcOJppJixjmqlTk6f5zJypzfup16CW-Y447prNBwpXMp9jZaTnti0OD9IYFRThsxHCG8TNJOIL8nRi7VtGCULOpw62y4AICyaNEq1qkb2o-3q2Hc8_A9w4ZX4eWU_NvVIF5VyCFVLST-ieWfjrgvyJjPyIb7P3T4sZAA_smBkEm7A21C9mzwrEM_tIhCiOMsgre2HbXwNEpI0ICz3UEpHSi8RIZiCA4j_WK_gCXMGUjs7njD9glDoTukwKWR7WNAx7EgmELweK4vMWznYNRtbdidb8Py_h61PGHgzN4zDVrDASDwrZEZHeBtJy6DABLPct4iGBJIFBAgEGAGSBQQIBRgEoAYugAeJne9nqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1_M_0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTE4ODM4MTA4NDc2MzYzNTUYAA&sigh=ibmyjeh0Rzk&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=6249119200&adk=3269718045&adf=1367071725&pi=t.ma~as.6249119200&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810412&bpp=1&bdt=1535&idt=240&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=4699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=8uGmXVVotS&p=https%3A//news-af.feednews.com&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 19 Feb 2022 05:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8DBE 16 KB
16 KB 137ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 259213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 05:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8DBE 15 KB
16 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 297222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/11972975995680761818/ Frame BA61 59 KB
59 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11972975995680761818/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45571361c709a66e1f3ac1065e0bd9512ec0872ccaad4c2618a6303dbb1f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:33:41 GMT
x-content-type-options: nosniff
age: 165590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60706
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 16:19:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Feb 2023 07:33:41 GMT

GET
DATA 200
OK truncated
/ Frame BA61 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7494c9241158239ef1288f641c49d38579eb901eacd1a3b4795460ea02bdd4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 3BD2 8 KB
888 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=4612603903&adk=3574579233&adf=2254609832&pi=t.ma~as.4612603903&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810411&bpp=1&bdt=1533&idt=235&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DeCinMWVYH&p=https%3A//news-af.feednews.com&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 04:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Feb 2022 05:33:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3BD2 2 KB
904 B 55ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 3BD2 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:30:39 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3BD2 2 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:31:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BD2 124 KB
38 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 05:33:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 3BD2 15 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 05:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 05:17:28 GMT

GET
H3 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 3BD2 28 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 10:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 08:01:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 10:18:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BD2 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2nyBKoEQYs_zKpmOrATf2YboAsv-2r1owLGAi6kPloLNhYgWEAEgn5CSYGCV4pCCoAegAd_ikJgDyAEBqQKdKQweaf6yPqgDAcgDywSqBLMCT9AEGjrbRznUpZMdeUfKq-jw3h4R8siAfaqQHEQt9OBQrCXxE5bKzR8uIlhrPXY9MTwO1e7EPIH3YUhpDC2KHatuTwx-i3KkzOSl5tFAjmLRqCZApKFUJqBWOI0uaqMUf04SAWJwv1Uf_wXDgTTdNKaz9ysO6oSXYDmVT9D6j8OwABswCPQJwDQQmBhcEonVNhVbFiQDhgnoFlX4IRmRceLl7rJK2KLR7DMAEVxxVYGOzKaDgP7zlGqsVDEjrHd6_nnvUUPMqZ7dki3Vlh65z_-72Kh8X8wzjXr_ji9Gz0gsrA5BTn3xFS9kIyOQ4gj4Pj4tP4Tp3vRW62f4IAP-vndbe9LlGUURx0W_S-lMtOvaV31MKJ3gV_B3LjDAQQzwPWyT50P6SZ8_OoJuoyVhpg1HNcAEs9y3iIYEkgUECAQYAZIFBAgFGASgBi6AB4md72eoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDj_xLSCAkIgOGAEBABGB-ACgHICwG4E50n2BMNiBQB0BUBgBcBshccChoIABIUcHViLTE4ODM4MTA4NDc2MzYzNTUYAA&sigh=ruCyuYvaIzM&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1883810847636355&output=html&h=250&slotname=4612603903&adk=3574579233&adf=2254609832&pi=t.ma~as.4612603903&w=300&lmt=1645248810&psa=0&format=300x250&url=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645248810411&bpp=1&bdt=1533&idt=235&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8056209827208&frm=20&pv=1&ga_vid=1858670246.1645248809&ga_sid=1645248811&ga_hid=1751471073&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44758227&oid=2&pvsid=1962652258617211&pem=573&tmod=2068723351&uas=0&nvt=1&loc=https%3A%2F%2Fnews-af.feednews.com%2Fnews%2Fdetail%2F7a2fd6f58232f8c4d8f418f436689c43%3Fclient%3Dnews&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DeCinMWVYH&p=https%3A//news-af.feednews.com&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 19 Feb 2022 05:33:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3996414199719823959/ Frame 3BD2 966 B
993 B 56ms
56ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3996414199719823959/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95704a8e9277e02b838c1efc72c971e8afbc9c53feb8c5c485a5f9dfd7b16b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:33:25 GMT
x-content-type-options: nosniff
age: 165606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
last-modified: Sun, 28 Jul 2019 09:39:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Feb 2023 07:33:25 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11972975995680761818/ Frame 3BD2 16 KB
16 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11972975995680761818/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f835cdebbe9381368fb619d9b95514d00c1c9a0d7f76e77a2ccef168382f52d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 10:00:56 GMT
x-content-type-options: nosniff
age: 156755
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16325
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 16:17:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Feb 2023 10:00:56 GMT

GET
DATA 200
OK truncated
/ Frame 3BD2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36b994d8afd610127921b214cf681b241c0d29bad8a6ad1b222cff9c38846120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3BD2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA61 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e41dbd8a2ebabb090e20a93e412dde9fc387b05061cc5556dc7b49342bd0163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA61 15 KB
15 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 297222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA61 15 KB
16 KB 65ms
64ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 293136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BA61 15 KB
15 KB 74ms
73ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 238254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 11:22:37 GMT

GET
DATA 200
OK truncated
/ Frame 3BD2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ea1404adf42e643e08aa2ee900043447ff5ac74fbffe9437537b8e5a92fa510

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 3BD2 28 KB
28 KB 85ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options: nosniff
age: 103269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Feb 2023 00:52:22 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14237097783510299641/ Frame 8DBE 10 KB
10 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14237097783510299641/downsize_200k_v1?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be57163c7eb0ab7030e8c83e31b4e70c3db9baab245df0b24f1dc819c01e7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 03:15:47 GMT
x-content-type-options: nosniff
age: 440264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9904
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 21:20:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 03:15:47 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame ACAA 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AFE 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame B2DF 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 20:36:45 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8DBE 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWnrS_e7PVlujlPDfhXk8e0BGD3vfS9LduhFY94lXtfOeoM5ioV9dhiBnKggBKLG8piIA0TrdnbgeMVx6sIM3ogSA-pgKgnubzWDNmJQaC9oXg4gX0mg&sai=AMfl-YQ9F3Ft3rwGhCBgMvnZ2D7wZWF19pCRKjf133kYjBtuDzLgvJcwp-Mf_SKThvrxQP056Rd7qMe-D_Xo&sig=Cg0ArKJSzB7LcyKxCTjGEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&app=0&itpl=22&adk=1733093989&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645248810638&rpt=929&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 05:33:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?JdUN1w

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.feednews.com/	1970-01-20 18:32:00	Name: _ga Value: GA1.2.1858670246.1645248809
.feednews.com/	1970-01-20 01:02:15	Name: _gid Value: GA1.2.1984814058.1645248809
.feednews.com/	1970-01-20 01:00:48	Name: _gat_gtag_UA_136595950_15 Value: 1
news-af.feednews.com/	1970-01-20 09:46:24	Name: _pubcid Value: 668a7699-a1fc-468d-ab63-7981f9d673a0
.adx.opera.com/	1969-12-31 23:59:59	Name: UID Value: 5a95d436-6263-4407-a82b-da3de8380acd
.3lift.com/	1970-01-20 03:10:24	Name: tluid Value: 214924437215111384383
.adnxs.com/	1970-01-20 03:10:24	Name: uuid2 Value: 6059698798055169538
.feednews.com/	1970-01-20 10:22:24	Name: __gads Value: ID=564e23e91c285f5a-225a08aa44cd00ac:T=1645248810:RT=1645248810:S=ALNI_MZ3nJg9EQyU6THlYbf6upfzY-Houg
.creativecdn.com/	1970-01-20 09:46:24	Name: u Value: ibYaFA8ySjji0sIg56ZP
.creativecdn.com/	1970-01-20 09:46:24	Name: ts Value: 1645248810
.yandex.ru/	1970-01-23 16:36:48	Name: yuidss Value: 8248618291645248810
.yandex.ru/	1970-01-23 16:36:48	Name: yandexuid Value: 8248618291645248810
.yahoo.com/	1970-01-20 09:46:46	Name: A3 Value: d=AQABBCqBEGICEMR2G0E0qVR-gmiTxDoxcbYFEgEBAQHSEWIaYgAAAAAA_eMAAA&S=AQAAAoqgxT6tDqLsOwyrbJHYKCA
.analytics.yahoo.com/	1970-01-20 09:46:24	Name: IDSYNC Value: 194k~23bh
.doubleclick.net/	1970-01-20 10:22:24	Name: IDE Value: AHWqTUlZBTPfg6nCogKX2NL10AXONSiy4UOpgErAnfsUgybygQnwkuoKK5wBx4jzSyI
.doubleclick.net/	1970-01-20 01:00:49	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://s.adx.opera.com/aframe Message: Mixed Content: The page at 'https://s.adx.opera.com/aframe' was loaded over HTTPS, but requested an insecure element 'http://ib.adnxs.com/getuid?https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60141%26uid%3D%24UID'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
an.yandex.ru
creativecdn.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
news-af-2.feednews.com
news-af.feednews.com
pagead2.googlesyndication.com
partner.googleadservices.com
res-odx.op-mobile.opera.com
res.6chcdn.feednews.com
res.adx.opera.com
s.adx.opera.com
stats.g.doubleclick.net
t.adx.opera.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
104.18.18.243
142.250.186.98
162.159.129.82
185.184.8.65
185.33.221.53
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c03::9b
2a02:26f0:fb::5f64:9968
2a02:6b8::90
3.126.56.137
76.223.111.18
82.145.213.6
82.145.213.8
03ea881a00594822dc01283736e76f405340057960f82fea71f6473cf22c5a48
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
19baea3033c190d3423f6da8296efea37448b54df3f5dd76acdb39037e6d66e6
1fda13d33f8a8bd3f9ea1c77bd5be5e609b2c3461ab7b8fa947fecbcf4c55cfa
2bddb635dac3dbc3829f0ee0b38ce8574aa2de3a9c60af5f1467f636ea83e584
2c22da5a3ae699a15030ff2dd948fb4768da784776867cc0bd834d3941fa45c2
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
329420b0a47f69760e4809709789bf3082acff188be0cc3e6986c333eed15072
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36b994d8afd610127921b214cf681b241c0d29bad8a6ad1b222cff9c38846120
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
4776b907f487ea36b4779c4f353892ebd4cc6d5e1018e2cefa424aea1b76dccb
4cfce64d0b1c018ef2215a78dc76d1ae65674b91e57c58ebe6ddca235632134c
4dd674aabd5510ce72be12dea8d186aa3f6b28c390901781942ea4f529cce455
4e41dbd8a2ebabb090e20a93e412dde9fc387b05061cc5556dc7b49342bd0163
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5ea2a4ffb029bcd7f513695bd1fa5e2930fb16d53dbb734dfaefd15b85bf7e64
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667e8e0e9a6d86f2e9ce19ebe167ea475ac1c8ef3f93b7e6c577e7507a2a156c
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691a733afc9d8b99b8adc378ae7ac62e7fdae71fd35f6b511b6d2ffef50630d9
6a45571361c709a66e1f3ac1065e0bd9512ec0872ccaad4c2618a6303dbb1f45
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be57163c7eb0ab7030e8c83e31b4e70c3db9baab245df0b24f1dc819c01e7bc
6e50c3c0d0dd92899cabafcbee9cc437c3c9e0b52920462955b4a0f43b758daf
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
845fe30b8a8e03d61bd99a2514662b1008b3dc4b071dea06e5f5b9aa3b1e8ae0
858d4b57253ada9a210366c80c589b70c2bfc099460407c9951a85c37c48ee2f
95704a8e9277e02b838c1efc72c971e8afbc9c53feb8c5c485a5f9dfd7b16b22
99bcef986e663ce0c5a810ace3b6a7c0f9c1cbb8d925bb7460e9e6285e2f5af0
9ea1404adf42e643e08aa2ee900043447ff5ac74fbffe9437537b8e5a92fa510
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
b89a38e0031c4e0f3dddf6514aaa82d8c99d7a2deb66b6aeb6e6edae40dead22
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdfa7758918ac303487b91e3ebbeda2edf1044dd4cbee275abb3c78cfc55a5ed
c4ccb604e925b3e11823f3497444a3eeab1c12ab946717f0eb68d542b9412930
c8172dea8749aa8e0527d40072cf644e9071d7e3311b43bfa905ed3fb2fffbf2
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
d23db477141713690f3dae2f5938cfd74a6d28f85415b4a85844f895dd2d3f1f
d3300e9f9b44f6bbfcd1483559be3858022ac27c6b95d9c3357ddab00e6697cd
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df65e493db2139b408ba8d08de15cad3a3c02db4478eced10c24295daf405d61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441a61b10a868d825a33e198de1a3fa9f10ade1eea5c9d9e234e37fdd8055c1
e7494c9241158239ef1288f641c49d38579eb901eacd1a3b4795460ea02bdd4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f830f0c441b119c3d592064d5cee4d32b17bffdca9f7540b1bf1a92f896e846d
f835cdebbe9381368fb619d9b95514d00c1c9a0d7f76e77a2ccef168382f52d0
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa27047926fdd10529ae8f8c6d61b9093b1e49253b9791bffa750595601e3ce2

news-af.feednews.com Open in urlscan Pro 82.145.213.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

93 %HTTPS

63 %IPv6

17 Domains

26 Subdomains

20 IPs

7 Countries

1084 kBTransfer

2575 kBSize

16 Cookies

5 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news-af.feednews.com Open in urlscan Pro
82.145.213.6 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

93 %
HTTPS

63 %
IPv6

17
Domains

26
Subdomains

20
IPs

7
Countries

1084 kB
Transfer

2575 kB
Size

16
Cookies

86 HTTP transactions
7 data transactions