sabaq.news Open in urlscan Pro
2606:4700:3030::ac43:cba1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sabaq.news/
Effective URL:
https://sabaq.news/
Submission: On December 02 via api (December 2nd 2023, 12:45:59 am UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 8 countries across 25 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3030::ac43:cba1, located in United States and belongs to CLOUDFLARENET, US. The main domain is sabaq.news.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time sabaq.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:303... 2606:4700:3030::ac43:cba1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:d600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:6c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:c000:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	131.153.206.103 131.153.206.103	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:8800:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.194.196.88 54.194.196.88	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
102	36

21 2606:4700:3030::ac43:cba1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sabaq.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:6c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:c000:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8800:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wpcdn.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	144 KB
21	sabaq.news 1 redirects sabaq.news	425 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	216 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	173 KB
8	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	62 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	8 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	668 B
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 55535 get.optad360.io — Cisco Umbrella Rank: 39286	226 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367 invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	2 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	407 B
2	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 8238	585 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628	25 KB
1	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 8882	35 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	418 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	351 B
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 61231	3 KB
102	25

	Domain	Requested by
21	sabaq.news	1 redirects sabaq.news cdn.jsdelivr.net
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	s0.2mdn.net	sabaq.news s0.2mdn.net
8	cdn.jsdelivr.net	sabaq.news get.optad360.io securepubads.g.doubleclick.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com sabaq.news
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	gum.criteo.com	1 redirects static.criteo.net get.optad360.io
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	sabaq.news
2	googleads.g.doubleclick.net	ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	oajs.openx.net	1 redirects
2	onetag-sys.com	get.optad360.io
2	ssp.wp.pl	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	get.optad360.io	sabaq.news get.optad360.io
1	std.wpcdn.pl	ssp.wp.pl
1	match.adsrvr.org	get.optad360.io
1	www.googletagservices.com	ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	prebid-eu.creativecdn.com	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	cdn.optad360.net	sabaq.news
1	cmp.optad360.io	sabaq.news
102	36

This site contains links to these domains. Also see Links.

Domain
en.optad360.com

Subject Issuer	Validity	Valid
sabaq.news GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2023-03-09` - `2024-03-14`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS RSA CA G1	`2023-05-06` - `2024-05-17`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://sabaq.news/
Frame ID: D760A59F92DFBCC0E82CAF810BBCAE66
Requests: 56 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sabaq.news
Frame ID: B6738B6745BC01F93E9C85547E86835F
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 25257BC3C54613A62DAF927A549A845D
Requests: 1 HTTP requests in this frame

Frame: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C565E5208F0A11820844022523B254B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD150569F4AD3FDB9173395C19E06775
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7626AE100CD61E54934249C63FDD46E7
Requests: 2 HTTP requests in this frame

Frame: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A60174B3E1DFEF1DC94169BC449CA1A7
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EENDH9a0EGLXh7P0BMAE&v=APEucNUnC-NVIeSd_XhSYWrcd2DryXsXmAK1o42CmCO-eyr_26AnVWN2NP1HdFXcddAGLygerCx92GNh8BgJiz6PMZDoCgacPI5yVuy3Lrbre4FgGuI23vb2rnQ3TGjF-7kD1gSYCNCYAAKEM1h5y_jT1rdhi0r5snq34VJcVO0stGu5zY2gn4Z3uD5jKIAIY-k6-tdpPfQtn7gcsidVMXwMIExvWZATkQ
Frame ID: E3089BB3EEE67F6E7A01C656AA3D3FE8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7956F6F4A4C4BF3D6D125B81068CCFA9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
Frame ID: B9A9443E5782696A1DD00998111879AA
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701477953801&gdpr=0
Frame ID: 9B997D4C86E0605D5F84B88D3FD1384C
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=22904268605517197000&sn=mc_adapter
Frame ID: D5081D105B9B36803FF5ACD972C634DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

صحيفة سبق

Page URL History Show full URLs

http://sabaq.news/ HTTP 301
https://sabaq.news/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

102
Requests

94 %
HTTPS

51 %
IPv6

25
Domains

36
Subdomains

36
IPs

8
Countries

1456 kB
Transfer

3588 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=sabaq.news

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sabaq.news/ HTTP 301
https://sabaq.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://oajs.openx.net/esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp&cc=1

Request Chain 49

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sabaq.news&sn=ChromeSyncframe&so=0&topUrl=sabaq.news&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YXnHRHx2MHE2Q0hFWll1VHpmb0cybzhJQStSdEQzY0x3RVBWSHRZOWpnREdxNXZGWUlheHd5SzNFaFlEMkxGa295b3U1dEZzQkpBWmp0c1c5RlNvbkhsY0RoWEt3Nlc0TTRQUmZoNjE2M0FSd1B0OEVaWWtLNjVzQjdQUnpSNmU3eEJ0MDlMc3ZsRFdRcm9yT3lUdncwUkZKMzNQcURUek9lZE01L3N0Q2VXZHNPV09GNlo4TFVTZHJERHRqT2hNTkRQV1RsMGRsQkhtdE1JRTVybHJoM3Q3WXpVYms2cTQ5QUJHeFcxeWdxRlBMQ2E1bThyamN1bDlrcm5SejBCQWo3QzJRQTNpVmtOMkFySlZTbm8zNjB5ak56Zz09fA&cppv=2

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGnRkgDewJRPwodifUpx7w&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWp.QpwLOG1bUk.LO2G6qAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ57zxWOCpfyrzQSz232xGE&google_cver=1&google_hm=2

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPstIjCIlmz2dLfGhgFnrvQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPstIjCIlmz2dLfGhgFnrvQ%26google_cver%3D1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTIxNDc3MTE0MjEwNDk2Mw%3D%3D

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sabaq.news/
Redirect Chain

http://sabaq.news/
https://sabaq.news/

160 KB
36 KB

365ms
341ms

Document
text/html

2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4917fb75a854551d57c00c416dd9d24265b1e59a8a81a09359905f2f64faf15f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ef8cb75f015d57-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 00:45:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ6HNuMBJ0KnCEdYYXpN3qDjWvJl%2BsHkVkYbxr3XTLNpYuqnOp%2BciJmEoR0Kf99jS%2B6Ywsl7ph9cDiVRbVRa4gmMJ9reM9ehR%2FFc0%2BEvala3O9yAqdlfnikLWgQRbBiNn5FFzJMXnQBB"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 82ef8cb71f8a5b92-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 02 Dec 2023 00:45:53 GMT
Expires: Sat, 02 Dec 2023 01:45:53 GMT
Location: https://sabaq.news/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ota30eQgy5RXQ90PIaOFc1VoRpP7iPYll9RZZ%2FaDG5IOrs0a7lVEIwW8lMPQEOTfUXkIUvn0XF3tX4i0h458MlscKYslg%2BNKfThaB91YGZett24ECe6%2F4ji6q3Z4xRKtaPf0xkPbqpFj"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 8c82c60f-d25f-4dc4-89e8-5b7905fafb95.min.js Show response
cmp.optad360.io/items/ 3 B
391 B 95ms
8ms Script
application/javascript 2600:9000:2156:d600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/8c82c60f-d25f-4dc4-89e8-5b7905fafb95.min.js
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:28:54 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 13:00:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 577020
etag: "8a80554c91d9fca8acb82f023de02f11"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3
x-amz-cf-id: Gww7etdRbp6tmvVsGUc7jfYioVukIPVbkrXMCEpGb9srsyxi5-E69g==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/2f3fea51-1fc1-424d-a722-fd87f4982875/ 281 KB
61 KB 52ms
7ms Script
application/javascript 2600:9000:225e:6c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/2f3fea51-1fc1-424d-a722-fd87f4982875/plugin.min.js
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a231b469a8c7a0d7eb6a642573e54f74a2893ae20b1a7434826f0c694c42aa6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:07:52 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 10:16:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 23882
x-amz-server-side-encryption: AES256
etag: W/"8a26b5e03b71c39151b75cd490710f30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: fOQ1Y8I8sWKgrQPWODyzhO7ZLnu6w1p-6c0XGc6URNm7Z-vicB7uXA==

GET
H2 200 DroidKufi-Regular.woff2
sabaq.news/wp-content/mw-fonts/droidarabickufi/ 31 KB
31 KB 98ms
98ms Font
font/woff2 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sabaq.news/wp-content/mw-fonts/droidarabickufi/DroidKufi-Regular.woff2
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Request headers

Referer: https://sabaq.news/
Origin: https://sabaq.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Jan 2023 21:16:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpB9fkYOGwcE8rsrXjW8lOb1piH396BotHafD%2FeMCxg53VnvGfbOO3Es26PJEBMzfIBJLY9OOQ4SomFI0fd0CjAf1IWm9bIrc10VEqQbYjl2uSHrluTFPIVBgPvVW67cakbuO2M0Eab8"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cb9883c5d57-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31248

GET
H2 200 DroidKufi-Bold.woff2
sabaq.news/wp-content/mw-fonts/droidarabickufi/ 31 KB
31 KB 99ms
99ms Font
font/woff2 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sabaq.news/wp-content/mw-fonts/droidarabickufi/DroidKufi-Bold.woff2
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Request headers

Referer: https://sabaq.news/
Origin: https://sabaq.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 31 Jan 2023 21:16:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tp08cu98nBO7f2MtzSrPXcViw7ikSbeA1N7Zp1fIXwp7UjATM0N6ElLIi94o1qCUo7fKvreJKGsjoXF0yce6iLmcwLPLG57KHajuwYo7d%2B8Ig%2BYZz7AUlXyg3%2FD3Wy6V0%2BxQ5cdVJcDi"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cb9883d5d57-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31544

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
32 KB 34ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2573678
x-jsd-version: 3.6.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230063-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYmGSmMPU%2FYI4HXgMUPjczMyNuFxqrRiG6%2FxEM%2FxROXOVoTeeOXdbYZEvpXiqziAHfEAlsSvVkvJ7MLE%2F5aufDW5aomE6ok%2FjPW5iG7rfjIMgQX%2BPOYv2dFCCZeVz4f0KcOJaseeDkJ8c5z8yQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cb9fc901945-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/css/ 35 KB
6 KB 18ms
18ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/css/bootstrap.min.css

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59ad8ecb411fa29c04fb3739b7f9623129bff121b0f45eb960c9d6df01e184d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2035796
x-jsd-version: 1.0.46
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"8cb7-wVQ+oan+f7I5rItScvhcavDYliE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyZoeruO4fvE3ZAh7PoMPVHDI6k0kvGDxb%2By0o16EHAZov2xNWfSULyMnT20VMzM%2BYKzp0%2Fqo2sBINNfe4GurbLL8Ktn2sZnSNdoxwIXAIlFPXzBqkhelsSaZSPQmzl6oYZEbfk8xNsHs%2Bs68MA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cba0c9a1945-FRA

GET
H2 200 lazysizes.min.js Show response
cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/ 8 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/lazysizes.min.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 82898
x-jsd-version: 1.0.46
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1eb6-4XAqtVBSXOtbcGKj9mfCod0Y84E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHq0jbkKijyF1nk9XxBvsflxyaeL7diyyBTxM5DkJ3p57o6uYNMUGV%2BcZE7FXh72g8E2O2rxvMJ7KcDWzx%2BBN6bvKZs06PAK28C7GNreVOGJm534hbqFJX88EHWWigEQ%2FWCvdJeVa8PT%2FR0YqnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cba2cab1945-FRA

GET
H2 200 marquee.min.js Show response
cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/ 9 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/marquee.min.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 239320
x-jsd-version: 1.0.46
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230033-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2345-x4Nvs+th+W5si8A0TXfPVhh5gxU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKtoiVpxDhIjUHC9MmZMjJNMroYwhcjgnxmm%2F%2FDUVJuLxYzsz2TDSv8mwJ3YOzPnNtDYV33O886Ae6b9rlBuP2yDTeIVtapy%2BGyjLHBkYUl2wgDc4QezbXHhsVpvnRCcS3f8GZup0s2w7siXBSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cba2cac1945-FRA

GET
H2 200 infinite-scroll.min.js Show response
cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/ 25 KB
7 KB 16ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/infinite-scroll.min.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb69b5294ac12bd21822517f697710a3d23176f26f42d01f795b9ea33aa619d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1541993
x-jsd-version: 1.0.46
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63ed-zUXNkP77GaT1PjHOZDaqcRhbrk8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgbJ%2B4RhogEztk4jo95WWYNxdi8Vsy6ZPcK999CkpAivGotC72SJXKkllx6VNW3OMID%2BfhPkah8XhviQfCOQpFbnGsl%2Fq3scH5OnvoJwh%2Fo3S86iblQJGTX5msyQxeQqVir%2F04vYx2HxDPBsQp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cba2cad1945-FRA

GET
H2 200 cycle2.min.js Show response
cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/ 25 KB
8 KB 18ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mt-boost@1.0.46/dist/assets/js/cycle2.min.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d8a679fbaf5b0981e0fed2a8c33213d0a75adf97a10014a449b3bca4875544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1965874
x-jsd-version: 1.0.46
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6250-BHqzlSjRlp8R8w/uX1k+Qycapms"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOiDQJYRlIKpyhFhnVj6S9IAD4d%2FuiFS9huZVA3ZEMjWtJZa2DQyAJ3T0v3vZJFyx%2FI77bmHY%2FAdtMw3AeDNkNqeZ%2B14hkj760pdnUjajcm%2BiSEZdzjxm0E9taW8AqHWstAgdFCFk8FgOor5rHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82ef8cba2caf1945-FRA

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pattren8.png
sabaq.news/wp-content/themes/lightmag/assets/images/pattren/ 1005 B
1 KB 19ms
19ms Image
image/png 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/themes/lightmag/assets/images/pattren/pattren8.png
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd69fe60a34605ef29f514f62a2ceeb8b679393a99ed451e717c8549a23e31c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 20:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1933
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghH%2B%2BXm%2BA8%2Fi6X4Sl3gwS2gSwWkXuu%2FpP3rlxhnAAqoxfo0CWETjbpVkgV7nIe5Shh6UJ2IX1ylHpki21cuEYF2KYUaMUsvTouBysQL7wn%2BI6BmdC0AwCRuOxnfrfzCtc1%2FCk0KQO%2Bnh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba399d18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1005

GET
H3 200 1627559357-7bi6eyuja76wy9hydiket2golgfhj11pjzbe34czh2j.jpg
sabaq.news/wp-content/uploads/cache/ 13 KB
14 KB 95ms
95ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/1627559357-7bi6eyuja76wy9hydiket2golgfhj11pjzbe34czh2j.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff6a38af0862864d5c5b66f401cacae3080b56add8f5923d624e5b3e17c2522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 19 Sep 2023 00:51:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxSNymYf8aOIyGevlIfspzgRGu7rAp3lRde7NVIYoU5HenlBkkRuwRvj%2Fi324uc150G%2FkziSqIk6tepvGXJ2XO9q2OJF8y5FNfXYxbp5%2BtGeFN9xWSYdaWuPFWG50QjzkEMzUMTVkw0Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59be18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13542

GET
H3 200 20230719114307-7bbiv1zip0deffroew5gdi6hub1k1exly8pzpw0edrf.jpg
sabaq.news/wp-content/uploads/cache/ 14 KB
15 KB 109ms
108ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/20230719114307-7bbiv1zip0deffroew5gdi6hub1k1exly8pzpw0edrf.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d8551f2129ca4fb4901b47c52ae9b9f4bfb79503c55576324c7688f54018b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Sep 2023 08:09:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvcSUM3PCChtBtg%2BmY6io7ImAnXU4fIULBL85y%2FRlhGVtab4o%2FM60%2FS2bOGIoqWJvbSJZI4XDoGwl7x5MT6CP8NXqEiXtxgwVXi6QFyy89YRByrVqcRB76H8FqJ15IUBawuK%2FEoa3CEL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c018e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14628

GET
H3 200 1_90-7bhm010yb3s5gxxf0m109303cdyq0gxzp199ica9esr.jpg
sabaq.news/wp-content/uploads/cache/ 17 KB
18 KB 103ms
102ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/1_90-7bhm010yb3s5gxxf0m109303cdyq0gxzp199ica9esr.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd2d9dbc46b454f8e8c009fde27e109baacd7343375d8abac007fd56f2b8932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 20:54:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZmsvaBoxOlEMKOZXI5PIwmFh%2Borx8gf5QEJvKsFB9veKY7tSr3RDZoDCem%2FRvmhRz1y91B3PN3%2FgkwZqR%2FGcrU9oQgurDrp7Hmeki3q0lUwYO2reSrjgSzniM%2BY9U4E5sw7pIyE6Qmd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c218e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17867

GET
H3 200 Bernardo-Silva-7blco3qgbarj8b9tpuvxd7sazsz2quqt0424mg3u97v.jpeg
sabaq.news/wp-content/uploads/cache/ 12 KB
13 KB 104ms
103ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/Bernardo-Silva-7blco3qgbarj8b9tpuvxd7sazsz2quqt0424mg3u97v.jpeg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faabeea701bb1ee3074767d209528b0be4652d8062d67ff8ed66174b6d140896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Sep 2023 14:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak70q%2BNMSoKRz9aGvIDhKg9a6Fj07dyCoExE0BqmuubBsIexG6qjI5E1mJDa%2Fl13U40Bbx6sbOgW%2BwIPbVhUa%2BAd7eCJAaZt6VFVbTuVMZOpyqRprCC4hbSwh17TlbT57vsXCekXltjM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c418e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12720

GET
H3 200 727309Image1-7bl2tcskzl52ubwbv6ksc2hlco5f1vr209rqxnffwh7.jpg
sabaq.news/wp-content/uploads/cache/ 16 KB
16 KB 114ms
114ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/727309Image1-7bl2tcskzl52ubwbv6ksc2hlco5f1vr209rqxnffwh7.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533b8bcb9260108ad1f4a169ea291ef9ff37b4ac1c2a03ce00277cefed0feef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Sep 2023 00:45:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLSW5v6DvsSV2Hn%2FiJu4iz3rSz70NO41i6QBBRVuQTeVn4AsnVGLmMmp%2FGZ1ENBQTmKazK5pdEJ1BusOjMgco5WN%2FEa5mv2j0pdG9wRlLSjr7dvkYs%2F79Pj5Sy%2BG1NSLgoWc9pF98jFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c518e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16013

GET
H3 200 191063-7bl2pu5rqunq6749smu7r5fzrldkuvqbu6zq03f7aqz.jpg
sabaq.news/wp-content/uploads/cache/ 14 KB
14 KB 115ms
115ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/191063-7bl2pu5rqunq6749smu7r5fzrldkuvqbu6zq03f7aqz.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648335a51cc38d8c25ae85c02e5a2e7f1682956d9f479924ee1d8c6626d7877c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Sep 2023 00:34:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM31ere302tHFIWcLuC2L6bMez%2Bzn5EN07bmHLTo7B58H%2FoWMnihnnQc3USx%2FQ%2FiRKVttzQ7LriQVO3UDc4WX48h1z2T%2FppXmBCMxlrNsXdsFtTeGdUL5cpIUVXW37QRhwNqqZBWJe0R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c718e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14309

GET
H3 200 IMG-20230712-WA0007-jpg-7bczvc3ovbzxxebty5afx8g7fqxacvgd8otq8vp0nqj.webp
sabaq.news/wp-content/uploads/cache/ 2 KB
2 KB 120ms
120ms Image
image/webp 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/IMG-20230712-WA0007-jpg-7bczvc3ovbzxxebty5afx8g7fqxacvgd8otq8vp0nqj.webp
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360f5375b93824b00ba496ea5c6445513fa2bf2e95db045b144196d18bdb2a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Sep 2023 08:52:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJImcv%2BR%2FQcnGOuNxzx5pshrTM6NF4VMZQspB5zhlzGNzXq0mvsIBvBqLE5%2BeKu9xqFk8aLNq%2FE8mmh4vUKa%2Bbjg1p21fPbZHGMEUrff92e3fCd27soMDruoUkgdLxLIuwT34kTsclmu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c818e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1682

GET
H3 200 94500-7bewr33kg697g1kq8863n483sdbwp8a1az8gk3i0sa3.jpg
sabaq.news/wp-content/uploads/cache/ 16 KB
17 KB 121ms
121ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/94500-7bewr33kg697g1kq8863n483sdbwp8a1az8gk3i0sa3.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9286ee565f5adfc12b14519e91524aef9314b32bb9ec30f7ac3b77e46d51d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 07:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDBRe3lPucBfXkfhm4oiDHyS9UgCrwzsuktXI1AwMMxyM0S1FBVU%2F8gS3Mchp2zItKOg0osMfEuPiUbEL0ywOqpZLLn0LUIISlkPo4dklNrPEPTWPyzxx9XVUgMJH0n9uroDapDX%2BpQp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59c918e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16672

GET
H3 200 %D8%B1%D8%A7%D9%85%D9%88%D8%B3-7bbxz4yab2uhagoimrq3wch7ao3w8oai7v790rulyqz.jpg
sabaq.news/wp-content/uploads/cache/ 13 KB
14 KB 122ms
122ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/%D8%B1%D8%A7%D9%85%D9%88%D8%B3-7bbxz4yab2uhagoimrq3wch7ao3w8oai7v790rulyqz.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e98a429b8619f41ec51ed64525bc61d0836920f7ff931c92bfb760ca796532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Sep 2023 05:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FR4RbxKTT%2BQWrxhbboXe%2BJnreXfTvB4kWBR6sCwiiij4F7p3UwBZ1r3JKuHP6vbCSR%2BLlfkM13TdFu7K%2Fj9RvHEolERk2EDWK3AfNJVfABbAorLaH3YOG7p%2BvkcW3ZVFelJ48qNdB80"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59ca18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13736

GET
H3 200 64ff7bee4c59b71f9a6402dd-7bewp7qgudoznzmktl1u6f82jr7xpl6ltptbtxlwi7f.jpg
sabaq.news/wp-content/uploads/cache/ 23 KB
23 KB 124ms
123ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/64ff7bee4c59b71f9a6402dd-7bewp7qgudoznzmktl1u6f82jr7xpl6ltptbtxlwi7f.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adce20bd1f88cf5988eca43989269b47680aca7a009d6b01d1b547aaedcd1ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 07:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mxHsKPoFXiC3rJ6aWQ98hP5dzqqWFjG5TSyXeiPODtIl8VVRjb4FYByDX1%2FkRcYZXy8dDkeomLYJlia0GyPQ0GnLfff1I8GFlarOuRR5sV8PWRh%2Fkv8DtTa9GggY0AJxCHFly5v8jJs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cba59cc18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23433

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 55ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/2f3fea51-1fc1-424d-a722-fd87f4982875/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec0490dbedb4e61365032c24a9fd60a7d26ea8f33b70436adee693548f09b817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30196
x-xss-protection: 0
server: cafe
etag: 784 / 19693 / 31079808 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:45:53 GMT

GET
H2 200 prebid7.36.3.js Show response
get.optad360.io/sf/ 520 KB
165 KB 7ms
7ms Script
application/javascript 2600:9000:225e:6c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.3.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/2f3fea51-1fc1-424d-a722-fd87f4982875/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:33:33 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 08:32:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1581140
etag: W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: MsIqzXBzCSaK-3IZBn4cV-DwRS6eucchX1IIlKmPjV9kFLAumAkN5A==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 129ms
20ms Image
image/svg+xml 2600:9000:2127:c000:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c000:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:25:33 GMT
content-encoding: gzip
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 4360821
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: 5RDvNPJ_WBoGQP3-Nc_vS2ERcxoQW_UcaJvV6KW_qajU4xVmyKCt7w==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 22ms
13ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65bb008994fa5db03b2d2e55358e58280714d4392e17af6eaa55a900347931fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31504
x-jsd-version: 1.0.1891
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-62Qzsh2rpPOzYIYGu+YRHWOL6yc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZHFu6gJSbTREATPcoWWZaBnKsiRay3X%2FJXZQSO2grfKnFxm%2Bf0qUs03DF7RUgqLYug3ikwG3G4GGrqwz8nYsEm0LZbPBpKe4i%2Bz8NebjWLGW8F0a58oewLQ4d0IGjNB1SKiODUZEDIbf3XOkaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82ef8cbae9d01968-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1020 B 42ms
18ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 00:45:53 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 408665
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tILBH56H75hX4J2hPq2va59mNpPk4HybUeae5%2BlZTr%2F1qh55nznQhVaj4HmXQnL1gU5KPKFQ4ifHWy1nrprRwAAozi2UQ9t%2FOQ5iKDxxUXgmWkdaMsDwN4BpFTtCKYsLCk58O2LO%2FM9oxOxt"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 82ef8cbb1d2e3a96-FRA

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
170 B 166ms
36ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sabaq.news
date: Sat, 02 Dec 2023 00:45:53 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
351 B 696ms
354ms XHR
text/plain 131.153.206.103
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sabaq.news
date: Sat, 02 Dec 2023 00:45:53 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 192
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 36ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://sabaq.news
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
173 B 54ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sabaq.news
date: Sat, 02 Dec 2023 00:45:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
135 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8899
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Nov 2024 22:17:34 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 33ms
18ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 00:45:53 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 408501
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrWBaZunqk81Z2ViHrGKbmB8WSf9tnzz4Mp6sbIAElCdGSuZk%2FhPlSKZVY5V4ceS0x1fhVznebQ13799dR4AVdDxdGSPbbzglQOrgOUpCXyw44ntWPiqUgoVD8Ciqt0EMeSOmbyWtilwrLY8"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 82ef8cbb4a0a68fe-FRA

GET
H3 200 WhatsApp-Image-2023-06-22-at-7.28.51-AM-7bjhh1d4ykkuxdjmx3bodfq7y7spiczyc6jqj5zo36z.jpeg
sabaq.news/wp-content/uploads/cache/ 17 KB
17 KB 97ms
95ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/WhatsApp-Image-2023-06-22-at-7.28.51-AM-7bjhh1d4ykkuxdjmx3bodfq7y7spiczyc6jqj5zo36z.jpeg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e589bc4beea6f716e0128087f219a98b83e842f8e51c26472af38257965c6efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Sep 2023 17:41:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlF5BrxAGvyqKmAODluMXspYF9nFDyePsb5QJxmMkblw7LijrcZ7o8GtWnwo8m40ROWhEtakHOEPtPpPalJxOTQ%2FC210YMpyYIhkOJlCb1FodEZXJCLTGCY9%2BvcLwLAxFszLvj5Av0%2FZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cbb4a3818e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17083

GET
H3 200 %D8%A7%D9%84%D8%B9%D9%85%D9%8A%D9%84-%D8%B5%D9%81%D8%B1-7bfa21n7kaky9neyvvcrnz4my71lg2xqw9wu208bsiz.png
sabaq.news/wp-content/uploads/cache/ 79 KB
79 KB 108ms
106ms Image
image/png 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/%D8%A7%D9%84%D8%B9%D9%85%D9%8A%D9%84-%D8%B5%D9%81%D8%B1-7bfa21n7kaky9neyvvcrnz4my71lg2xqw9wu208bsiz.png
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d3e990e5264f2a468ae0a4b6a5a7565e0d8299ef91dbca9ccb385b73bf0c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Sep 2023 01:00:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4pnd3xSNklv%2BsZih5ncSTLqvsOIpWQdG3rgLc2oX0ua870Pf2OOP4wTXPRJKZVKS%2FjFjvIKec6fGVAa9Pq%2BFss8PYurysJOBnNJQMyueXoGK7sSrALuGN9URQHwfNgm8qSiNJ%2F4c%2Fa8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cbb4a3918e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 80882

GET
H3 200 %D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF-%D8%B3%D9%88%D9%8A%D8%B3%D8%B1%D8%A7-7bby0fy7ssmteys90c1gd0m8zxo8xjh32btj0lwxbmz.jpg
sabaq.news/wp-content/uploads/cache/ 32 KB
33 KB 114ms
112ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF-%D8%B3%D9%88%D9%8A%D8%B3%D8%B1%D8%A7-7bby0fy7ssmteys90c1gd0m8zxo8xjh32btj0lwxbmz.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d1191a867404ff515ea0d8ae04bba78138115cc581a28b500a64350e57dbd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 06 Sep 2023 05:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEky3T6ViAgliHn9NHCw6JxU3DPZOg3b81oQZCLA9QEWpIiM3MNXdfhmy2oGhCeZhpVEGPyvh7vKiXbSFeV2puNWcKh23bmDcM9Z0lbR3tBejFi4F92mpdmUj0oK8H9qjI0F3SGa%2FlXk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cbb4a3a18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33085

GET
H3 200 image-1-7bh6zxekn9rasg8d1peyjhj6ha9ux1w5t49jw5jigx7.jpg
sabaq.news/wp-content/uploads/cache/ 14 KB
15 KB 117ms
115ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/image-1-7bh6zxekn9rasg8d1peyjhj6ha9ux1w5t49jw5jigx7.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383f81d5170764e50a23785c27be46cb074820d3739feaacd5683ba8e6723299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Sep 2023 01:49:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKEen6imRRNo%2BY%2F%2FKLQe%2Bal69BUcQN4WQE3JvPR7%2F4XCpPSveyq4kbV1w4WJY%2BIZJWlplChHnKtYIVRr56la1lurr49qZpYk0%2F1RrP03Z74gci7VL8DASjHFPzMcG%2B9cVcGT9pQ%2BCKRN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cbb4a3b18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14520

GET
H3 200 %D8%AD%D9%81%D9%84-%D8%B2%D9%81%D8%A7%D9%81-7bdwxoez0gtj1h2geqfs0gtgcc3otl52xo31k57gs2z.jpg
sabaq.news/wp-content/uploads/cache/ 34 KB
35 KB 112ms
110ms Image
image/jpeg 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sabaq.news/wp-content/uploads/cache/%D8%AD%D9%81%D9%84-%D8%B2%D9%81%D8%A7%D9%81-7bdwxoez0gtj1h2geqfs0gtgcc3otl52xo31k57gs2z.jpg
Requested by: Host: sabaq.news
URL: https://sabaq.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555e49a8bd2e0bb733a589bdb7fd59405acf6a5ffefe90939f379c8967c54e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Sep 2023 05:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BDeZUXlie5DWGquSAQ7eCyQmLeLWntN6t20vHNWwsY8Gf7KC4k8FR2wCvWSKJv88y0RvzINoqPwqdDQHIZPJZvPeRjTjAfAV8xtW1KpFGK5TQSozGla%2FdTTwH8r1%2Fn8Z%2BFOQCE1lfUR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ef8cbb4a3c18e0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35271

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 43ms
10ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:40:12 GMT
content-encoding: gzip
age: 1580741
x-guploader-uploadid: ABPtcPrYakBZZUaYUT2Aa4NoJoJQZRP6-ODG4Mlhh8MKCLApMvJzlaEJN2z8T9SAscKxSRsWb_zHAvxtH2n8WvZ8c-eAXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:40:12 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 56ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 00:45:53 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 35ms
17ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: VF0K1FN7KR7ZCCA2
age: 3238
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82ef8cbb8e1090ef-FRA
x-amz-id-2: dr6oJ8UZH6gxgPjsXBxrxBIx6Zp7MkR+d8Xk38cJxE7BlmdtmDakYA5d7D+sYXqzg9fp4ksqnsYnhZfeegZrtg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 75ms
21ms Script
text/javascript 2600:9000:2127:8800:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 01 Dec 2023 10:03:30 GMT
Via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 52946
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: b-YtQ_ArRvSvXCGGjxKSWqFhyiVSr--UmHOBcQaFdLopQQUqIC505g==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 14ms
13ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33809
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj7xnI5NrEoPDqp0jstXEWSQMZuM6J5pUoeAMzGX5aMPnT0vhtczsgzC7a%2BxX7RGfTj3Kddr%2Bw8jYzjUTC7E0bLWYHpym7tWeEMW0pXSq7HpcEu1FUr8L7Ej3EcBBEH26VHcCQNJxJwJtancn3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82ef8cbb68970394-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 28ms
8ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 61654
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: F1a-rtEdJV8vjtasoSw9vPtY5OZnyCwApCRHjtJqI4UTSrlIUX1n8A==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 60ms
26ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:53 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f8cde732e87afcfb24a4ec2a985bcf1e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 101ms
32ms XHR
application/json 54.194.196.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d27864e2fd1c5fefa4dbfcd802f1f376abe7bcc0b200303906cac4c9eddb0589

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://sabaq.news
cache-control: no-cache
x-server: 10.45.25.127
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
226 B 38ms
14ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sabaq.news
date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp&cc=1

85 B
203 B

120ms
119ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e9545559bad28f2d4ab92b91d88cf0fa40e5a74c16341aa3492bbf24378bd6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-d7Wrw0mjBG8Wvy+E7g14dnUwHy8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sabaq.news
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 02 Dec 2023 00:45:53 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://sabaq.news
location: /esp?url=https%3A%2F%2Fsabaq.news%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B673 15 KB
6 KB 47ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sabaq.news

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:45:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 281809
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame B673
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=sabaq.news&sn=ChromeSyncframe&so=0&topUrl=sabaq.news&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YXnHRHx2MHE2Q0hFWll1VHpmb0cybzhJQStSdEQzY0x3RVBWSHRZOWpnREdxNXZGWUlheHd5SzNFaFlEMkxGa295b3U1dEZzQkpBWmp0c1c5RlNvbkhsY0RoWEt3Nlc0TTRQUmZoNjE2M0FSd1B0OEVaWWtLNjVzQjdQUn...

422 B
652 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YXnHRHx2MHE2Q0hFWll1VHpmb0cybzhJQStSdEQzY0x3RVBWSHRZOWpnREdxNXZGWUlheHd5SzNFaFlEMkxGa295b3U1dEZzQkpBWmp0c1c5RlNvbkhsY0RoWEt3Nlc0TTRQUmZoNjE2M0FSd1B0OEVaWWtLNjVzQjdQUnpSNmU3eEJ0MDlMc3ZsRFdRcm9yT3lUdncwUkZKMzNQcURUek9lZE01L3N0Q2VXZHNPV09GNlo4TFVTZHJERHRqT2hNTkRQV1RsMGRsQkhtdE1JRTVybHJoM3Q3WXpVYms2cTQ5QUJHeFcxeWdxRlBMQ2E1bThyamN1bDlrcm5SejBCQWo3QzJRQTNpVmtOMkFySlZTbm8zNjB5ak56Zz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e0530d2b0e71fe73dac68df26f70520a3d48bdded08faf172f4a8348ed5a330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1229036
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YXnHRHx2MHE2Q0hFWll1VHpmb0cybzhJQStSdEQzY0x3RVBWSHRZOWpnREdxNXZGWUlheHd5SzNFaFlEMkxGa295b3U1dEZzQkpBWmp0c1c5RlNvbkhsY0RoWEt3Nlc0TTRQUmZoNjE2M0FSd1B0OEVaWWtLNjVzQjdQUnpSNmU3eEJ0MDlMc3ZsRFdRcm9yT3lUdncwUkZKMzNQcURUek9lZE01L3N0Q2VXZHNPV09GNlo4TFVTZHJERHRqT2hNTkRQV1RsMGRsQkhtdE1JRTVybHJoM3Q3WXpVYms2cTQ5QUJHeFcxeWdxRlBMQ2E1bThyamN1bDlrcm5SejBCQWo3QzJRQTNpVmtOMkFySlZTbm8zNjB5ak56Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 271772
content-length: 0
expires: 0

GET
H3 200 admin-ajax.php Show response
sabaq.news/wp-admin/ 2 B
516 B 393ms
393ms XHR
application/json 2606:4700:3030::ac43:cba1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sabaq.news/wp-admin/admin-ajax.php?action=breakingnews

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:cba1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://sabaq.news/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSj1vhyRA3rqVYQndwD4IvJNWvSs5diESc0mRWCeYhszgk2D%2BwIwyJTEEJ2RKZhNNVEuLqxpn4uJFoZwm%2F0C4qNaGqdQ7PNhEhq35SwbnS7AiyrYTCI%2BPPcyCoN5KcVUbebNPDgi70fe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
cf-ray: 82ef8cbc3b3618e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 2525 0
176 B 50ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 02 Dec 2023 00:45:54 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 280ms
280ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2693741651524643&correlator=3635900767654490&eid=31077978%2C31079808%2C31079527&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&iu_parts=121764058%3A22992278924%2Csabaq.news%2Csabaq.news_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701477954469&lmt=1701477954&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsabaq.news%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=2073300491.1701477954&ga_sid=1701477954&ga_hid=1066437801&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYnuL0v8IxSABSAghkEhkKCnB1YmNpZC5vcmcYseL0v8IxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJ7i9L_CMUgAUgIIZBIXCghydGJob3VzZRjh4vS_wjFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pTlRSelJuTnJLM2hVY2xkcFIydEJlSEpqVW1Gc1p6MDlJbjA9GNfk9L_CMUgAEhkKCnVpZGFwaS5jb20YnuL0v8IxSABSAghkEhsKDGlkNS1zeW5jLmNvbRj14vS_wjFIAFICCGo.&dlt=1701477953517&idt=295&adks=2870657152&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c332bf56cd50ef08ecbedb740f6debff5814c008da6cfa95fa6a81d109cb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10552
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sabaq.news
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 42ms
22ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6cc2fa73ed92105c01830294b748812be0fec780a5d52ad6ae59bd3e036272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12387
x-xss-protection: 0

GET
H2 200 container.html Show response
ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C565 6 KB
3 KB 110ms
41ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:45:54 GMT
expires: Sun, 01 Dec 2024 00:45:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 00:45:54 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD15 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 22:17:38 GMT
expires: Sat, 30 Nov 2024 22:17:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7626 829 B
1 KB 36ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

505792d4ccd728e166b1c3f4c9cc295ce92b19344a25f2378361d64882a0d28b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XFMTJKXdIj6vS419yRVGNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XFMTJKXdIj6vS419yRVGNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:45:54 GMT
expires: Sat, 02 Dec 2023 00:45:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CD15 39 KB
15 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7626 0
0 40ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=2693741651524643&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CD15 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IIbzQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A601 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:45:54 GMT
expires: Sun, 01 Dec 2024 00:45:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E308 624 B
826 B 61ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EENDH9a0EGLXh7P0BMAE&v=APEucNUnC-NVIeSd_XhSYWrcd2DryXsXmAK1o42CmCO-eyr_26AnVWN2NP1HdFXcddAGLygerCx92GNh8BgJiz6PMZDoCgacPI5yVuy3Lrbre4FgGuI23vb2rnQ3TGjF-7kD1gSYCNCYAAKEM1h5y_jT1rdhi0r5snq34VJcVO0stGu5zY2gn4Z3uD5jKIAIY-k6-tdpPfQtn7gcsidVMXwMIExvWZATkQ

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 00:45:54 GMT
expires: Sat, 02 Dec 2023 00:45:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A601 92 KB
32 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32789
x-xss-protection: 0
server: cafe
etag: 17194431578830737671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:45:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A601 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyEE_uxrOt5woyeeo5nyYXVvUB3_0tSt0z7tAfkPk61up2X6nwpjoGWqXxgKgoQyFKaGHvDNK4gGe8PEN1Rfw-SXyasS3PsOUED0--Jmj_L1gaXIw

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A601 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17612290501926053330&x=1&ct=119

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A601 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A601 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A601 202 KB
64 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 00:45:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A601 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8254288927171&version=m202311060101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A601 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8254288927171&version=m202311060101&ct=119&x=1&cor=17612290501926054000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A601 91 KB
38 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd6jPyIJfwqPZjxIYaLHbPL6ttB0WniQ1p1Q6v4e_rSWvFhdXiIM-myX3clr9G1PnHNYI3yms-4Fq-Skd7Qe22nFvv2Sm1-7hz650tyAN0XJBiy106j2QE4Vkdeq3wBNn7eKhSWjdYzd_BAE76MEwc46WFgAykP50r9AlZD4zgdpiTsi69S4VRm9jjarTNku4KKx0b&cry=1&dbm_d=AKAmf-CyIxUs87ZAjiaMbeYXl195mr4xZa6yGlt7Ol_HxVduVvvnUvSqZC5KSZHxpLoAFIK8TbIsWzUG0WPx_BxipXTMfeRIanTfUR5rUh9k8o-c66XgFCQSgOIQC_beEaeHQKSumDRZZAG1TJ74N-lxJ9aemC_409xYKc5--0uWmtVJGX0gpajVyzItS04c_wzQWiThadEROZZCFvg8QF0JloHx5iYTWXK4CZbazNmtr7tXzebrpg2hRZ_GY-CGiP8ceemjiIYDjnVfFPwi-jfG8DmsEMacWY0cs4UZqH1WtS_b8pcK-RLDJKL_2m4nsf_YMqYQJrPkuOjYRgB4ZSUXhxeBpgbvwn8I0MkoQWMqblMu9h57pSFkVyV4_Wu1UCMNoC27E6UsasU-oKkgDZkuJp0dBuH4DLQP2loTWnRH_iZ4blk0L97zyMqEWt0QRWrQUv3S_YFHdVrDe4eD2HytBenWOUfbIa_fSXm3Ikagl4Pfugmpi0tRwOl_Ok_UM6PK6T2WFLrYEQz9Wb_-ECLHvP6NAytR-i-jyO1uw4EEKAzWwsfqZU30ix-Q2H21Nb98524CDcicaOBBH02aCIhYf09SaAMnUIvSe3N4oBH8dmOP2Id4QpMKiKhSWD2xJQBqPNwPizx08yfUPswMyVUM46UlmdysAGjeZ8Mjdn-uSlwgr1VWiwCgykw1IFmzsO3goIQwqP324E5OIUG2J-U41kAqmi1oea-uPW_dgFioz1KKaUzWIVkFAi2xGUeYIVGCZkCbpYML6JIcIURu99SvkiAAQb_jBaGp8ARfbxO8Jigs0KEGoXA4sFpSKsLQ7VuzTmuO8yh8OZtdRj9f4G0PBD9k8H_VyNCN6mLVHCEkgz09Bg2jH1dVwhd-r0RfbSuvmjkJ6CCJ5-NWKICfG9ZHw2xZSYL1JdlwUgfOu6r7CVQIRahDtpsdHS_cRGAbhRGcmqYryKlsq4aqdqqcobQ_qyrJkCgrP5KU7qvHNaWgmQtYbQSSaG_dZxMqGzDaBKfi8ZWbx2RKr3_-xq97R4a6gze8r5xjjC3DJxJMMJMOmdmwohsMjrkAPlMLQ1xnP0zovnLo_jAYwApkmLU2OnosZ3XhI6isqkTq7Tc9ZqXBYFHqdgd-_OpwnSfp-jQk7JI-hgtu6kVH3eH4nljWUCT7C8Zvh4wURiZBYBRpWZXAkM-fS0Yh72petFy4TMHso1Yoj93EKHKSWSQMJES1kIUks1Wie0ClZUFsupg89nP3HeM2p0VjJ-ntcmWN9twEhdEpeSpp0mwUk2w8IE-ArdMt7uMggcVCYjwC2tw-bZKjCjopZd5QPV0avlJ0layHl9ueZgklpxv987rQ4IRXpdCHJwQQw0VUdcrVxyHUyeN5Kgw4gEUh_SVV_EfNHUNH1FS7V0epWuosLIQjIWqC58bEHQPplk0U78dRSb8yXtAS4moTCkD1sci_OcVqbm12_zoAlvEBhtWbt8FLq0_jGKl9cs5YM7RyUeI_brywbC5K8d-WTb0PKEVxW8BDhZVwGeByEJvUl9SJJ1T1gdiiPBhXRrnYk3ZImnu0ALpL8QQL28uLdw9X7W_HIt_0fvnZiHPbzcyBNxq2pKrpL7vtMTErli8m9QXyhY9VvrklCaxnxfHozS4Aa-YRpq8fb9HIIZvabJ6Q86Qd23L3PtmPfhOU-fFLgx5q-2cdIqdqbYRFAhTlSD6_bogpyoCDwPawJ3pkdLD85zC7kdOpXV7jk5fufMkUcgGBNQrB7IRClXTY7fzXGsHqcOEm8U0oDhIdjNC23YcbZTMGP41goK6o980e6ZySmeRWp050PXIlvJHVFmD--_25Pcsa3zY6aQiD2NhOMrLxMau068KAlUa-4v3XOAFdLq3ZmgJdZdOeYMXz2L7KnGLCeR-g7o7g9std1bpElO0tTGUf52oRE_VFOs4YfFmUW5M7Sul70TjLZjzo6G4LA6ZnmFLqZugGdbkZGMsBKOhmNmouKkVTwi4OcWPSYL2NodjVpH-eu_gGNmjkb4KDcRcNE7cn2SzP0LzoKDy0sJ6dJ5vM0hGqJs06tDqpZsHPDrZJgs17fmylxfuEISN0Oder2a_7t4v-sFuM-QBiiPRogrNxpwvfV_xLmME-3PH0r2ZFp8zF_E2nLU6aLm-8mpEgWeT4UBedpPfD3EWd4OFmcS7Zc0wjKG55Ao4vYb33dC9z_abNSOzDXXIBOxw2xzYeLLA-LllC6ShDvHKB1hJn777yfjqYcrvYclP6_J3WI_sbG_cYLJarF2ZqQzeGT6jI_bAYbeEA9LZPABGffQsQdb2HwNYFcZv-0TqKgxKQWid1MjFw0ecTSSp8HtGfRa48wRBOgBY1A2A2rnYeKEr6ScWQkBCqGTuY85NYaAm8V-JgarCcuVR3d_OU5RoC-Cm_tqCNhGDdkDHu0AUq_RsHgazeXWU-Ipw0wFajj_Odv2UOXxG7nb2K-ErRwJRCe8txwybFnsoWN5tzayxnqxjCD_DNJztNSj01jpPf9nhdjI1YPyaOTnZ18ASdQaCGL2W7SqVoc76QRmiKdmNCWi6xEjHjQACrsZ-Pv_gA3TfjRh0Gf2PAqcCFHm3DTWRmiFTxpPKK5TWI_e7wAoSV4g499J1aaiSd6FwpHEzWiqNbFffv--2bnbcqWNLysqfNYYf9HdvP1UdPr2NjU6vbY7rERjoCB16oEgq-8IbCA9JP1Sdq7ng59MKHTYRXLpQjxuXq1zcPtyVfEg4fp6C9as5jlTsx3zzqkO4TF_en6GQrkb4UtdYKrW4RR3ySl8EbJX67oMv_EpOWa28hCkfXMohuE2rgz5DlOG6LTsJsLv_AlqvHS43qyaMflN3cdJW_J0rBtf66EWTHbnKddDQdnhctPdr25wrT9SO72EHSY0x5RfEARrSTKmPAwWjPCrlUIFDJq4afjEra9jeDRsuSEw36M7cCD8hGe2LHYy6pMmKaTmgB9Ik0BSLPXs0l1MxZRaV99ExzTt8RSj6wZCSC5kBJf_InK3hR04kSg4xauEoal5FQfsP8G5pvyIuSEowEtn5Q-YyGupR7lxuG-Mfusql86S29CuJsdjW966GOyCwPbU5npsCwM6iyF1Z-OSWpjFPRLjGQWxOPO4gQKgxF5dL8IZq1ael7MYGlWl-UO86Nhe3KgqBEsnOlo0j_W0yLHcjSp6aHLou_nIr6I6k6prQiw4QXskqilsb683Cmv0bDWtIZYULrU24uvf64SxTn4_zV-7a34bWJyy7Hdq90h3Lb83p9fgBkjTZae3xurccE_uvkOgsYujsaBJUeTGkpCOczhfRACCp9XqLQUN7K_THP6XAd0PPr41CAzelOkiIs_SsLrPnEkHEPSmuOAHb2uZ69kLHWP7E1oI-WXqRKvnObEz-YxWpUPRK2jl8KqNQWIFu1WTKhU1jmN1ix9mXwJAe-up4P8Cr2HYOAvfDfhjgj8mFOTwTvTlcNTqBXR4V3G5X09bEndsBxC4QeueUitW3rxMg2tPHZFNeknRnq9N9G-6Q1gggUQBTUL54YfCTIwI5ouWMxi4-JSHbJ1tPX45YJ5-x1NaUoTi99hGy6V6Ss1fYfbISsBJ3OESME6ZM36iQAlJXt2qphfhcywBUf4WVx6Nfczs8A82JeS9qxSkRzSTR9tM1-D6AnNNCP2NML7ngdBnpYWFOmOe3reE9N30gP1kppuWPc8t1SE2JtIAgZYoKTT0n9W0C5VM2Xq0l7kdAWz7cDjhpWVjQrTd6TDZfibp0onRzJMBDu-F56f06m8AaElkYPgS2KVcGLqG5D7j6bxdUAP10e9uGJDu9AK6tghPsWFqdXwFIqIImASqUEKqR8sNEW2KXcmvX57G0YntynwwDG85XU1I5YvdFcuQhCeJjXQT2s6P-TAQDq9f75L6p1CGiDga9e6QiXIqXa3CL0N-5jqpi2nUDdb9wgnh8VmjZPUQ_a4yQv7w4sXkKcf7J12xHWcb27Xin2Vb_SYQUi4YJ6hx4Qh6G4XFc0_atswiMr4YGu64xd37X4STONTOvV-UWIAan5InAtkENPXXVudhoERvHZ-lXzHF0_O7OAYFZZAvVrGeRP48icrL8XwVL2asNzUsT7_znzyBvbTniBiD3SvxRm_XGm0q7fTf4Ya3ZABF13i9bCbMpCZZNcWq3O0rCup24fuCiyQGHEuxLaVBqI7xt1TDm62MSHJNNArBsthzU2zplubEqXQP6W-zyu2GM0XezcSMwuZdBU_mb6qeCbgsMhV81VMgEZXo4ItHVmSWeSk-2BeQy7IihrEBlf9HrswC1hk9CslFo_Niqa2zjubrE8NWAeO3mbLst3g-k&cid=CAQSTgDICaaNRtUNes6p7d-c2xGd3Mef4KVlxlV6_zq9ig6b7wlWOz4FxZ_SKJJz6rb4Wggi_eOHtvhA8o_wFHdbYoUxdP9b-yIM4A-D8Ds91BgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fsabaq.news%2F&ds=l&xdt=1&iif=1&cor=17612290501926054000&adk=2228999115&idt=38&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef3aca6e2d8b1b8aeb156a77d0dd0f4c93725c92661403dc9fc425d6501cf630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38776
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E308
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGnRkgDewJRPwodifUpx7w&google_cver=1

43 B
333 B

19ms
18ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGnRkgDewJRPwodifUpx7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EENDH9a0EGLXh7P0BMAE&v=APEucNUnC-NVIeSd_XhSYWrcd2DryXsXmAK1o42CmCO-eyr_26AnVWN2NP1HdFXcddAGLygerCx92GNh8BgJiz6PMZDoCgacPI5yVuy3Lrbre4FgGuI23vb2rnQ3TGjF-7kD1gSYCNCYAAKEM1h5y_jT1rdhi0r5snq34VJcVO0stGu5zY2gn4Z3uD5jKIAIY-k6-tdpPfQtn7gcsidVMXwMIExvWZATkQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BY2PToDkakYdOg1%2FGcfwif7ulCDpkZyoUZthepSl97n9FUOwNixkD63yR64lekUdMrCt5l7uHjjJsmhiPE3xt20hgdybUx9Txt96UGJkkfdoO441FYXlUkXHAVpX6Pi9MAMJ2oIck9nqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ef8cc268f02be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELGnRkgDewJRPwodifUpx7w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E308
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWp.QpwLOG1bUk.LO2G6qAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ57zxWOCpfyrzQSz232xGE&google_cver=1&google_hm=2

43 B
766 B

25ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ57zxWOCpfyrzQSz232xGE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EENDH9a0EGLXh7P0BMAE&v=APEucNUnC-NVIeSd_XhSYWrcd2DryXsXmAK1o42CmCO-eyr_26AnVWN2NP1HdFXcddAGLygerCx92GNh8BgJiz6PMZDoCgacPI5yVuy3Lrbre4FgGuI23vb2rnQ3TGjF-7kD1gSYCNCYAAKEM1h5y_jT1rdhi0r5snq34VJcVO0stGu5zY2gn4Z3uD5jKIAIY-k6-tdpPfQtn7gcsidVMXwMIExvWZATkQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCfd03AlB4jvIMexTY8QKZ91eR5vNeNbcQGg2XhaDOP0O1OqQnfk%2FyVU2DvW11ePup3ppj2Nj2c3CbsGsGXr72UAYKHGfwElAPQ6KVTlfJ0HJPFBCb6hqTI2zjhQ0PQAzIhXhOwFasUDxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ef8cc299f19247-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ57zxWOCpfyrzQSz232xGE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E308
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPstIjCIlmz2dLfGhgFnrvQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPstIjCIlmz2dLfGhgFnrvQ%26google_cver%3D1

43 B
892 B

14ms
14ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPstIjCIlmz2dLfGhgFnrvQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EENDH9a0EGLXh7P0BMAE&v=APEucNUnC-NVIeSd_XhSYWrcd2DryXsXmAK1o42CmCO-eyr_26AnVWN2NP1HdFXcddAGLygerCx92GNh8BgJiz6PMZDoCgacPI5yVuy3Lrbre4FgGuI23vb2rnQ3TGjF-7kD1gSYCNCYAAKEM1h5y_jT1rdhi0r5snq34VJcVO0stGu5zY2gn4Z3uD5jKIAIY-k6-tdpPfQtn7gcsidVMXwMIExvWZATkQ

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
an-x-request-uuid: 5cb8d034-0bdc-478a-b95d-f20856c73a25
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
an-x-request-uuid: d8a42a2c-cec8-482b-94ed-1f94b947826c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPstIjCIlmz2dLfGhgFnrvQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E308
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTIxNDc3MTE0MjEwNDk2Mw%3D%3D

170 B
188 B

20ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTIxNDc3MTE0MjEwNDk2Mw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:54 GMT
an-x-request-uuid: 108acacd-b712-4d6d-8d94-8dad3d6595bb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzOTIxNDc3MTE0MjEwNDk2Mw%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A601 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
Origin: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame A601 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd6jPyIJfwqPZjxIYaLHbPL6ttB0WniQ1p1Q6v4e_rSWvFhdXiIM-myX3clr9G1PnHNYI3yms-4Fq-Skd7Qe22nFvv2Sm1-7hz650tyAN0XJBiy106j2QE4Vkdeq3wBNn7eKhSWjdYzd_BAE76MEwc46WFgAykP50r9AlZD4zgdpiTsi69S4VRm9jjarTNku4KKx0b&cry=1&dbm_d=AKAmf-CyIxUs87ZAjiaMbeYXl195mr4xZa6yGlt7Ol_HxVduVvvnUvSqZC5KSZHxpLoAFIK8TbIsWzUG0WPx_BxipXTMfeRIanTfUR5rUh9k8o-c66XgFCQSgOIQC_beEaeHQKSumDRZZAG1TJ74N-lxJ9aemC_409xYKc5--0uWmtVJGX0gpajVyzItS04c_wzQWiThadEROZZCFvg8QF0JloHx5iYTWXK4CZbazNmtr7tXzebrpg2hRZ_GY-CGiP8ceemjiIYDjnVfFPwi-jfG8DmsEMacWY0cs4UZqH1WtS_b8pcK-RLDJKL_2m4nsf_YMqYQJrPkuOjYRgB4ZSUXhxeBpgbvwn8I0MkoQWMqblMu9h57pSFkVyV4_Wu1UCMNoC27E6UsasU-oKkgDZkuJp0dBuH4DLQP2loTWnRH_iZ4blk0L97zyMqEWt0QRWrQUv3S_YFHdVrDe4eD2HytBenWOUfbIa_fSXm3Ikagl4Pfugmpi0tRwOl_Ok_UM6PK6T2WFLrYEQz9Wb_-ECLHvP6NAytR-i-jyO1uw4EEKAzWwsfqZU30ix-Q2H21Nb98524CDcicaOBBH02aCIhYf09SaAMnUIvSe3N4oBH8dmOP2Id4QpMKiKhSWD2xJQBqPNwPizx08yfUPswMyVUM46UlmdysAGjeZ8Mjdn-uSlwgr1VWiwCgykw1IFmzsO3goIQwqP324E5OIUG2J-U41kAqmi1oea-uPW_dgFioz1KKaUzWIVkFAi2xGUeYIVGCZkCbpYML6JIcIURu99SvkiAAQb_jBaGp8ARfbxO8Jigs0KEGoXA4sFpSKsLQ7VuzTmuO8yh8OZtdRj9f4G0PBD9k8H_VyNCN6mLVHCEkgz09Bg2jH1dVwhd-r0RfbSuvmjkJ6CCJ5-NWKICfG9ZHw2xZSYL1JdlwUgfOu6r7CVQIRahDtpsdHS_cRGAbhRGcmqYryKlsq4aqdqqcobQ_qyrJkCgrP5KU7qvHNaWgmQtYbQSSaG_dZxMqGzDaBKfi8ZWbx2RKr3_-xq97R4a6gze8r5xjjC3DJxJMMJMOmdmwohsMjrkAPlMLQ1xnP0zovnLo_jAYwApkmLU2OnosZ3XhI6isqkTq7Tc9ZqXBYFHqdgd-_OpwnSfp-jQk7JI-hgtu6kVH3eH4nljWUCT7C8Zvh4wURiZBYBRpWZXAkM-fS0Yh72petFy4TMHso1Yoj93EKHKSWSQMJES1kIUks1Wie0ClZUFsupg89nP3HeM2p0VjJ-ntcmWN9twEhdEpeSpp0mwUk2w8IE-ArdMt7uMggcVCYjwC2tw-bZKjCjopZd5QPV0avlJ0layHl9ueZgklpxv987rQ4IRXpdCHJwQQw0VUdcrVxyHUyeN5Kgw4gEUh_SVV_EfNHUNH1FS7V0epWuosLIQjIWqC58bEHQPplk0U78dRSb8yXtAS4moTCkD1sci_OcVqbm12_zoAlvEBhtWbt8FLq0_jGKl9cs5YM7RyUeI_brywbC5K8d-WTb0PKEVxW8BDhZVwGeByEJvUl9SJJ1T1gdiiPBhXRrnYk3ZImnu0ALpL8QQL28uLdw9X7W_HIt_0fvnZiHPbzcyBNxq2pKrpL7vtMTErli8m9QXyhY9VvrklCaxnxfHozS4Aa-YRpq8fb9HIIZvabJ6Q86Qd23L3PtmPfhOU-fFLgx5q-2cdIqdqbYRFAhTlSD6_bogpyoCDwPawJ3pkdLD85zC7kdOpXV7jk5fufMkUcgGBNQrB7IRClXTY7fzXGsHqcOEm8U0oDhIdjNC23YcbZTMGP41goK6o980e6ZySmeRWp050PXIlvJHVFmD--_25Pcsa3zY6aQiD2NhOMrLxMau068KAlUa-4v3XOAFdLq3ZmgJdZdOeYMXz2L7KnGLCeR-g7o7g9std1bpElO0tTGUf52oRE_VFOs4YfFmUW5M7Sul70TjLZjzo6G4LA6ZnmFLqZugGdbkZGMsBKOhmNmouKkVTwi4OcWPSYL2NodjVpH-eu_gGNmjkb4KDcRcNE7cn2SzP0LzoKDy0sJ6dJ5vM0hGqJs06tDqpZsHPDrZJgs17fmylxfuEISN0Oder2a_7t4v-sFuM-QBiiPRogrNxpwvfV_xLmME-3PH0r2ZFp8zF_E2nLU6aLm-8mpEgWeT4UBedpPfD3EWd4OFmcS7Zc0wjKG55Ao4vYb33dC9z_abNSOzDXXIBOxw2xzYeLLA-LllC6ShDvHKB1hJn777yfjqYcrvYclP6_J3WI_sbG_cYLJarF2ZqQzeGT6jI_bAYbeEA9LZPABGffQsQdb2HwNYFcZv-0TqKgxKQWid1MjFw0ecTSSp8HtGfRa48wRBOgBY1A2A2rnYeKEr6ScWQkBCqGTuY85NYaAm8V-JgarCcuVR3d_OU5RoC-Cm_tqCNhGDdkDHu0AUq_RsHgazeXWU-Ipw0wFajj_Odv2UOXxG7nb2K-ErRwJRCe8txwybFnsoWN5tzayxnqxjCD_DNJztNSj01jpPf9nhdjI1YPyaOTnZ18ASdQaCGL2W7SqVoc76QRmiKdmNCWi6xEjHjQACrsZ-Pv_gA3TfjRh0Gf2PAqcCFHm3DTWRmiFTxpPKK5TWI_e7wAoSV4g499J1aaiSd6FwpHEzWiqNbFffv--2bnbcqWNLysqfNYYf9HdvP1UdPr2NjU6vbY7rERjoCB16oEgq-8IbCA9JP1Sdq7ng59MKHTYRXLpQjxuXq1zcPtyVfEg4fp6C9as5jlTsx3zzqkO4TF_en6GQrkb4UtdYKrW4RR3ySl8EbJX67oMv_EpOWa28hCkfXMohuE2rgz5DlOG6LTsJsLv_AlqvHS43qyaMflN3cdJW_J0rBtf66EWTHbnKddDQdnhctPdr25wrT9SO72EHSY0x5RfEARrSTKmPAwWjPCrlUIFDJq4afjEra9jeDRsuSEw36M7cCD8hGe2LHYy6pMmKaTmgB9Ik0BSLPXs0l1MxZRaV99ExzTt8RSj6wZCSC5kBJf_InK3hR04kSg4xauEoal5FQfsP8G5pvyIuSEowEtn5Q-YyGupR7lxuG-Mfusql86S29CuJsdjW966GOyCwPbU5npsCwM6iyF1Z-OSWpjFPRLjGQWxOPO4gQKgxF5dL8IZq1ael7MYGlWl-UO86Nhe3KgqBEsnOlo0j_W0yLHcjSp6aHLou_nIr6I6k6prQiw4QXskqilsb683Cmv0bDWtIZYULrU24uvf64SxTn4_zV-7a34bWJyy7Hdq90h3Lb83p9fgBkjTZae3xurccE_uvkOgsYujsaBJUeTGkpCOczhfRACCp9XqLQUN7K_THP6XAd0PPr41CAzelOkiIs_SsLrPnEkHEPSmuOAHb2uZ69kLHWP7E1oI-WXqRKvnObEz-YxWpUPRK2jl8KqNQWIFu1WTKhU1jmN1ix9mXwJAe-up4P8Cr2HYOAvfDfhjgj8mFOTwTvTlcNTqBXR4V3G5X09bEndsBxC4QeueUitW3rxMg2tPHZFNeknRnq9N9G-6Q1gggUQBTUL54YfCTIwI5ouWMxi4-JSHbJ1tPX45YJ5-x1NaUoTi99hGy6V6Ss1fYfbISsBJ3OESME6ZM36iQAlJXt2qphfhcywBUf4WVx6Nfczs8A82JeS9qxSkRzSTR9tM1-D6AnNNCP2NML7ngdBnpYWFOmOe3reE9N30gP1kppuWPc8t1SE2JtIAgZYoKTT0n9W0C5VM2Xq0l7kdAWz7cDjhpWVjQrTd6TDZfibp0onRzJMBDu-F56f06m8AaElkYPgS2KVcGLqG5D7j6bxdUAP10e9uGJDu9AK6tghPsWFqdXwFIqIImASqUEKqR8sNEW2KXcmvX57G0YntynwwDG85XU1I5YvdFcuQhCeJjXQT2s6P-TAQDq9f75L6p1CGiDga9e6QiXIqXa3CL0N-5jqpi2nUDdb9wgnh8VmjZPUQ_a4yQv7w4sXkKcf7J12xHWcb27Xin2Vb_SYQUi4YJ6hx4Qh6G4XFc0_atswiMr4YGu64xd37X4STONTOvV-UWIAan5InAtkENPXXVudhoERvHZ-lXzHF0_O7OAYFZZAvVrGeRP48icrL8XwVL2asNzUsT7_znzyBvbTniBiD3SvxRm_XGm0q7fTf4Ya3ZABF13i9bCbMpCZZNcWq3O0rCup24fuCiyQGHEuxLaVBqI7xt1TDm62MSHJNNArBsthzU2zplubEqXQP6W-zyu2GM0XezcSMwuZdBU_mb6qeCbgsMhV81VMgEZXo4ItHVmSWeSk-2BeQy7IihrEBlf9HrswC1hk9CslFo_Niqa2zjubrE8NWAeO3mbLst3g-k&cid=CAQSTgDICaaNRtUNes6p7d-c2xGd3Mef4KVlxlV6_zq9ig6b7wlWOz4FxZ_SKJJz6rb4Wggi_eOHtvhA8o_wFHdbYoUxdP9b-yIM4A-D8Ds91BgB&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Fsabaq.news%2F&ds=l&xdt=1&iif=1&cor=17612290501926054000&adk=2228999115&idt=38&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A601 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A601 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame A601 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08521267e6c701100edd9e0b5864d23f0abc3b366c75957a90a16e8828dd56e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7956 38 KB
13 KB 12ms
12ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 509234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 8 KB
2 KB 25ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e34075f84005f2c3fae6cfa49862661e36aedb892fa051204cff66de61789e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2259
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 23:01:00 GMT
expires: Sat, 30 Nov 2024 23:01:00 GMT
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A601 0
0 201ms
51ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstP37WOmHvNJ-Perob9ERLNJ0h9KrTJXtSwsNCk30p8s0eCKj8cwtn0QBpjC_Bj1fyfbhcbmQ4PDmyiH9BCi2O0GZUij0uZ_NnkXWWkEMVKOiKmLU1gnpCISRX8SUjDhHs7KXOqIDn55EoE_zH4gWJSkxHn_LST-skOQ7nvuOKZrdkQ7iPipaX6vJ5jWpTRL0P4utlgzeu43S8-wmcR0RIWf21y3Q6ZSjlhEvSJ0PRZfgJ0Il3POv3quLtxo2S-JdaAFUpUaNCB8Y4yWXIsqFuvWxlLu0Ijb8qJ3cQLdDXQ2zD6r9C6f_JwFwJalPww7olUOhfCRHchbbpym-C_la97Fzg0R_pa3hU_IcqHCaOf01jH1uZ4MtNofYL0NJMYaELnFdbl_2SBQxX3qQug_mf_7IHpFwxH4c9XKS5EgWNrZkf-D1hMi_-exuP3j5KgUOHtm4j1-rct1d5q_u7_HEgwctst8fHUbmkhhCYE1xRsqHm-VyO0ipl5fiTAuG7mQLwqbIrEWYCMUvzKNThuS8UfP-7VVdrmb6JbKgKcBOEf2THXGSWo_FpmnCLixi3N9uLGvkmVspEGSv9x1aDGQFdbHaFQ3HxuGkw6Xx3w8c1W_fg3pq9d3Xd7wpBxZ1YyHdE1zs1Q4mx8mC94IJ9yD28yBX66nHilsqhKHILteGazS2fgi6cRdtcB1wN4iK8021uInHDmCbB0nd58gJixO5g2QL0WimRh0B3DwF811TInDTXJfNq5D_6UrNS8Zk6WEwbPWjcq3B6794rf2Pq1BT1OYFVSp4gTlUaITakTswEtGHKY8rSrJsaGxBWG8NWSVLoNY9GfT8oK-PpW0Yy78PcZ6UsbRTkdifDyLzVlekR4BgV3-mKXvj7QgL4dfxUYvgAQjovz57XfutX_LumUd4BaqXgrzMXAhiySTRGgwpPQ8C_QlQ-Xj6XVae97xv1BcDxa0Az1SI3d70XLmkXTVwm8_Aw3ZEHt3DjcELpzv4Vy6QFmaXoE35qzngv3e5M_pg4ZnDgFdn5odKOItIFRMT-jQBlzYMoa4bXcbILVxJ7_MsDvDWUc1t77DC6u_Ay0PDZUZ4Qw_ICw5EC2RkWjrJTs7-24Q2RsNG241UiHgUMVpiToy_3INRAUjuTHPkMhfWujCBVCzdv5IxawR5DQ5tyv-minsFuIB4MgwPd2jY16BacM-r_KbRN9EEndORLB0gYxTYbnaLuHc_idkqwh4ZbNGm5GPanPHaRGt8f_HskthPWjYiAQPZy18d2H57G1cVxsqWXJGaL1tK8r4Zl_3WUbUygyUiM4nrafD1irmE7l_0j_YuiMrqpLXfp8rnpiNTtn37_pKQcRIkELNXNC2241HbpukdMgkCgKaLUm2Wt2aGHezS6rGzLUowSx31ZqtiCGKXUGRD94UBveUDhXYpoPo6ihrKfS6EXDtggj1Q&sai=AMfl-YR0PG_LpheJFdOPmxOMOb-sJMXBWZm-gAWNxhppwNzWE_96FybTOTeeqU99CmlIuUE2EgcbTwSxvFvaLygR7L2ghEzA-z1FTALjwqkRohNdAuqhwHguByHKqTdnAhfGzKRFAh72WmK-HdYT7XoRXAQStFVTYXReklFg0upVaWD9rwoHV4uSB7NCxnLhRaAezASbcruLed0vH89ahoUSFzM1zmXQhHSBXHb1fS7eJFEkS14KobkHd0wPo4E4vBppiDVBSTEV89OR4p2WAVF7tL-wYnAXBLMxjbkc2w&sig=Cg0ArKJSzBdlFQU6tacyEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=50&cbvp=1&cstd=48&cisv=r20231129.93735&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 00:45:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7956 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 2 KB
775 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ec0667aac9553903dae69fea6948249e6a2584a3077e84d88f573c6a2ccdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 746
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:38:05 GMT

GET
H3 200 TIW-Logo-9B1D26.svg
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 1 KB
733 B 10ms
9ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/TIW-Logo-9B1D26.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0daad48ae767f7dd0d474f818df2b7129edf5f99607dce37cd0a125873efeb86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 23:01:00 GMT

GET
H3 200 5TG_Logo_GER_weiss-01.svg
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 13 KB
4 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/5TG_Logo_GER_weiss-01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a86a96e2dfc858a0300384f71ab5f8e981931204fc37028596e931e32f4a714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4017
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 23:01:00 GMT

GET
H3 200 Kreis.svg
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 12 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/Kreis.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d11cb920b6cff32fc9b9b79211c6208e490e407161a54766f5a103ef6bd8dfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 04:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2191
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Nov 2024 04:25:58 GMT

GET
H3 200 gsap.js Show response
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 55 KB
22 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/gsap.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b146141b7a58530c84ff85038d38e5c6c0b92326db7c806d9f20e3593c8c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22199
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 23:01:00 GMT

GET
H3 200 andreschoenherr__DSC9811-3.jpg
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 51 KB
51 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/andreschoenherr__DSC9811-3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9ccbde50f12a6f02737f553a0bff2ed6906633123dc04c92587af3bc19c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 23:01:00 GMT
x-content-type-options: nosniff
age: 6295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52136
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 23:01:00 GMT

GET
H3 200 font.ttf
s0.2mdn.net/sadbundle/4086932369034555965/728x90/ Frame B9A9 129 KB
51 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/font.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de99107f47082162344c66c65af6050bb394de148e68803d31dc4d6ce362748a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4086932369034555965/728x90/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52138
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:55:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 12:38:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7956 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw3_GQn5qZY_ENPvLjuwPsZmMuAsAAAAAOAHgBAI&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfODknnaTi9Cl853qVsWTbLQf7ehIyX24j1o_xCf5JH0AS0W-tIfOhhKPxK1YdW8nFAgAAADRSAAAAAWgBB5kC_-fTIGDE06daUgWcofsI6WERIp-WRBNi6TmIG9WoLiBQR7WWlO8zIsM8WpsNovfKAltk4KutfIw1QcHqYf-SZNwGW0aC81iyaDAIGwG0H8lkkVZzhZo9HK_9Oi0wxNM_3WJynGwlguz0SbPk3T4Mnx3Ssv9gcAzMqfIFUZjrMkTNrd36WzCZwhHiBPMZiidYoPLgHMDkBKNYXGF8_wA4zcgHgjDnH1xDfKPscAur2oAYDFay6xCfTUhvfnVLdD6jl_TOtRdcKUvB7rxUEVL1F2-u8fw4ZG2c_TEdN7IU5gqcw9-0XSvTNo-VgKfOewjAdz7M8SdlKbEhvG5M0eszQtOs5UAI6HVK3wR0Ek8pAZDzSimmmDzCYYLIG1GlHbVkfi9130kzzf8dEOQTK8EGQQmapDcd-AgOfcDlXyaa1yUq4mRZD30IwzT2lahoHpWYQrOj5yJby8cPsA8_7bDGQo8iko8XtL1cedaT1CZgdGPiYpuxXLI0rrykXkkwViEidCryJK_gEJdNHcSWIraatQLGtm5dOhTkH4RLflXsLpflenmsjrM1vnBrEDIUTMEsVUrotyNdP0YVipajzagTKYVcmSzzv98-AMkchbe570gZqeFljQioMvCSog4sgRD2MNAhiAZUXna4xrwUroYBTlNcKU_0kIzY0KKq8rnKgVDs5Cog-fSV8njMmNrI68UHp2JF6m_m2fCV0gO9vMX1paHhZ8yH9Dd8WJxxyJh0z-xZAPtoot0rZVdl3LFEDP50gxx4anOwIYM8P2XO9-LMiTuf0TCy2ZBJvwM9c7UcdTxPkRM9jzFos_13CrfRroGfHIF8IJ6NC-iGKfBpkzh0izM25tL1tliPPlLH_SuH8oPoPhfWGEIJtR5eliFvRxEyn5ftX4XGV_yRR9LHxPbnOFrjwRQqDkxoydspHrBJVMhY4miYWQr6bunQaeT8vbDcp6HCyotZHe6P4HO2x4Uu919CsiBufX1WCTmYnz9ztQyGKn418LWD6BCWmsmLLOYA

Requested by

Host: ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
URL: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A601 0
0 44ms
44ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstP37WOmHvNJ-Perob9ERLNJ0h9KrTJXtSwsNCk30p8s0eCKj8cwtn0QBpjC_Bj1fyfbhcbmQ4PDmyiH9BCi2O0GZUij0uZ_NnkXWWkEMVKOiKmLU1gnpCISRX8SUjDhHs7KXOqIDn55EoE_zH4gWJSkxHn_LST-skOQ7nvuOKZrdkQ7iPipaX6vJ5jWpTRL0P4utlgzeu43S8-wmcR0RIWf21y3Q6ZSjlhEvSJ0PRZfgJ0Il3POv3quLtxo2S-JdaAFUpUaNCB8Y4yWXIsqFuvWxlLu0Ijb8qJ3cQLdDXQ2zD6r9C6f_JwFwJalPww7olUOhfCRHchbbpym-C_la97Fzg0R_pa3hU_IcqHCaOf01jH1uZ4MtNofYL0NJMYaELnFdbl_2SBQxX3qQug_mf_7IHpFwxH4c9XKS5EgWNrZkf-D1hMi_-exuP3j5KgUOHtm4j1-rct1d5q_u7_HEgwctst8fHUbmkhhCYE1xRsqHm-VyO0ipl5fiTAuG7mQLwqbIrEWYCMUvzKNThuS8UfP-7VVdrmb6JbKgKcBOEf2THXGSWo_FpmnCLixi3N9uLGvkmVspEGSv9x1aDGQFdbHaFQ3HxuGkw6Xx3w8c1W_fg3pq9d3Xd7wpBxZ1YyHdE1zs1Q4mx8mC94IJ9yD28yBX66nHilsqhKHILteGazS2fgi6cRdtcB1wN4iK8021uInHDmCbB0nd58gJixO5g2QL0WimRh0B3DwF811TInDTXJfNq5D_6UrNS8Zk6WEwbPWjcq3B6794rf2Pq1BT1OYFVSp4gTlUaITakTswEtGHKY8rSrJsaGxBWG8NWSVLoNY9GfT8oK-PpW0Yy78PcZ6UsbRTkdifDyLzVlekR4BgV3-mKXvj7QgL4dfxUYvgAQjovz57XfutX_LumUd4BaqXgrzMXAhiySTRGgwpPQ8C_QlQ-Xj6XVae97xv1BcDxa0Az1SI3d70XLmkXTVwm8_Aw3ZEHt3DjcELpzv4Vy6QFmaXoE35qzngv3e5M_pg4ZnDgFdn5odKOItIFRMT-jQBlzYMoa4bXcbILVxJ7_MsDvDWUc1t77DC6u_Ay0PDZUZ4Qw_ICw5EC2RkWjrJTs7-24Q2RsNG241UiHgUMVpiToy_3INRAUjuTHPkMhfWujCBVCzdv5IxawR5DQ5tyv-minsFuIB4MgwPd2jY16BacM-r_KbRN9EEndORLB0gYxTYbnaLuHc_idkqwh4ZbNGm5GPanPHaRGt8f_HskthPWjYiAQPZy18d2H57G1cVxsqWXJGaL1tK8r4Zl_3WUbUygyUiM4nrafD1irmE7l_0j_YuiMrqpLXfp8rnpiNTtn37_pKQcRIkELNXNC2241HbpukdMgkCgKaLUm2Wt2aGHezS6rGzLUowSx31ZqtiCGKXUGRD94UBveUDhXYpoPo6ihrKfS6EXDtggj1Q&sai=AMfl-YR0PG_LpheJFdOPmxOMOb-sJMXBWZm-gAWNxhppwNzWE_96FybTOTeeqU99CmlIuUE2EgcbTwSxvFvaLygR7L2ghEzA-z1FTALjwqkRohNdAuqhwHguByHKqTdnAhfGzKRFAh72WmK-HdYT7XoRXAQStFVTYXReklFg0upVaWD9rwoHV4uSB7NCxnLhRaAezASbcruLed0vH89ahoUSFzM1zmXQhHSBXHb1fS7eJFEkS14KobkHd0wPo4E4vBppiDVBSTEV89OR4p2WAVF7tL-wYnAXBLMxjbkc2w&sig=Cg0ArKJSzBdlFQU6tacyEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=156&dett=3&cstd=48&cisv=r20231129.93735&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: sabaq.news
URL: https://sabaq.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=2693741651524643&bg=!IiGlIW7NAAY3kmNgF5I7ADQBe5WfOCFa6lq5PaW9GDgUsZMFXiWLoYtvCY5o8MceBylw6QRymbgPdYxszN3ctrcDSXrJAgAAAENSAAAAAmgBBwoAgY4YEOaG1-1RxMQXo56FVnnZGlEYFlBoQ0HF-Q4K2p1u6tgb_LcIyzD5KGljU0vTKSsdj0l1L43iVYT9kBLAHtM45tMydWPIOzcziSFH_gl39K3c0l4V1hzOwKx1tJ5QR3to3bgtSsnK-QljpiL1wUavQ3gnO89KUCgv3zW3iy4em5kCwC-gJ8uUcFoujTUfszpbM5sU3UJqHmFi52oxJ11J7P-tbGS2jB99Acu_D0D3FzVfuFZ5KtsZpQqxBCg8nIvBqlMUxsPW8o09Xd-qYt8l8HAAfEh_1_1P19SVFTzoQFBVAB8Wyl3Bue2HWf5Dv6L9tvcUAgYNHfcf68rrXmJcOwG9K50HaisVTF2qAG2vkaPTuugQoNC8eB_2PftzChAwD0DgpTpFNrgwjgysvRmVO09N4RmEtEvAGwX_tXF-saxZwQhauICwA_y8sWSZcG8Vad4-4QffNbARVFdVvknPlANh2RPBbXh7eSrfPGZGyqVqgDH530uXQfPoQ_OSUO5SBKdHF9Ifq4cTi-lbBUQfHRcYOm-C6UvIJ3wULYY9FcIq2TVgad39Ntmaob-C9hkY3YU9our7m5wKn6JDULZ8RH-kkI-H_-hN-4qMPRFCdwopkGwuXjHsfc9ucOdT_2sYAYYI_fu6N_jyUoBxKGG-kuhMg5GkdzJ5j3UD4mpJTjHgcTAIVSmyVKuOoxv9Aw5j7uChCP14B_BoKrTr5MAeKyfIDkEijeinHm8Hsr5f5AkrjOEdyPlfeHyhcFiZW-vZe3ww_h_aQ1oMhYm5-aHnseBCTtsbCamippa5sRY6elBOToLvhQ3f_8Z0lJrFY30dGOpnf-nN2h0sJUyqDf_mng2ZPvn5Uc1dfsids50ZKCkev4MInTNbVsI70Fph760Ep-OoqxJOIKIhDw_sJfbK4XXcRL82zpUbtrV6soCZS3uSisNTZIrS8FuH9eQvRDuLdD34DuPSFtNq4pQl9T-TNfhg1t9gfXfF6RiewlXtqSB2hkZEl7eSYAmPsQvLckxRMs5sVNaxyoZEsDYpdPkCAVTMnPvOnhKDjT7FPJPC1bGzIiLNa1NVBhQl1B_TZw5I6R6-8vQxHXGqQvzhCq9MFrWm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sabaq.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A601 42 B
174 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutFGYP9t7FzI5_FT20eC-Q4LUxdveCJfIv1CkzcWQXf0kTztopzEJWbeh3uI3HjYyTD42gtlWXPwNgsr4Dq7C5wy4oCluMPBz66b2DUwugiwFGsIsRvPijq-U3YanpXsE&sai=AMfl-YRqMXYD_h8t8NOW-Y-q00ALcm6wluYATXFrpx-x-CJnJsfaGq0Ji1KZlc4hOOIQZKJgt9ITofO5YII3mh7eQrCK5nhjC0vW9_p8ni9wHt3Q00q2A-cyzS7sbM-fWcG8mvQvPwfOEI8vS1wpLwJ7zh7JuvrQdYUOt64&sig=Cg0ArKJSzGZV-aoc4Od9EAE&cid=CAQSTgDICaaNRtUNes6p7d-c2xGd3Mef4KVlxlV6_zq9ig6b7wlWOz4FxZ_SKJJz6rb4Wggi_eOHtvhA8o_wFHdbYoUxdP9b-yIM4A-D8Ds91BgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2870657152&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701477954770&rpt=165&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A601 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8254288927171&version=m202311060101&ct=119&x=1&cor=17612290501926054000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
13ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsabaq.news%2F&domain=sabaq.news&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sabaq.news
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sabaq.news
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 00:45:56 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 200007
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 13ms
13ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsabaq.news%2F&domain=sabaq.news&cw=1&pbt=1&lsw=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 00:45:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sabaq.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 201216
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 95ms
29ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: cdd11018cbfb8e79fda1a1706817ac1e638313dad7535188d2219555edbe024d

Request headers

Referer: https://sabaq.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Dec 2023 00:45:57 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sabaq.news
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 01 Jan 2024 00:45:57 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 9B99 0
0 8ms
7ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1701477953801&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame D508 477 B
415 B 33ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=22904268605517197000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://sabaq.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 00:45:57 GMT
last-modified: Tue, 28 Nov 2023 07:18:51 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame D508 101 KB
35 KB 198ms
49ms Script
text/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=22904268605517197000&sn=mc_adapter
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wpcdn.pl
Software: nginx /
Resource Hash: 7622a5a50ad7fd4e040a87cc4859db42b0ecc7fea5f69126b47a7e120053b78c

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:45:57 GMT
content-encoding: br
last-modified: Fri, 01 Dec 2023 12:20:13 GMT
server: nginx
etag: W/"9f16338af2f2557e8a1fc97fb80e6d65"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=900, stale-while-revalidate=86400
access-control-max-age: 900
timing-allow-origin: *
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sabaq.news/	1970-01-20 17:21:09	Name: _pbjs_userid_consent_data Value: 6683316680106290
.sabaq.news/	1970-01-21 01:23:33	Name: _sharedID Value: 84f29e8e-7605-4884-96bb-147884a7ebf5
.criteo.com/	1970-01-21 01:59:33	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 01:59:33	Name: uid Value: 031eb5c8-65e4-4c27-9927-592f6b5c2765
.sabaq.news/	1970-01-21 01:59:33	Name: cto_bundle Value: OW0-wl9XcUhzSXpxVzJEQXBsQTlkbXcyTjk2OUZPODNoWWY4c0tyMGZvMUZ1dFBCM0NjOGltMWJQWWF0cUFUeTQ4UDFkMEo3Y1RQYzJXVnpaSiUyQlVDRHp1dnhrJTJCJTJGRmFjRmZ6OWQ2SFppV25JclZHSTdmc1lwck5CTkZSTHBFb0lsVXRYY1ZSYm5yU0tkNDNndDBVc1ByMDAyOGclM0QlM0Q
.openx.net/	1970-01-21 01:23:33	Name: i Value: e78b05b2-4fb1-4eb5-a21a-4031adc45a96\|1701477953
prebid.a-mo.net/	1970-01-20 16:37:58	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 01:23:33	Name: __amc Value: 1_1701477954_1701477954
.sabaq.news/	1970-01-21 01:59:33	Name: __gads Value: ID=2d5d90080e03c9e2:T=1701477954:RT=1701477954:S=ALNI_Mau4KXprlEGBjfx3L9S3T2jFY5Yrg
.sabaq.news/	1970-01-21 01:59:33	Name: __gpi Value: UID=00000d016d367e40:T=1701477954:RT=1701477954:S=ALNI_MYjOXR_72MtP4SCtyDf35YdpVVO5w
.doubleclick.net/	1970-01-21 01:59:33	Name: IDE Value: AHWqTUlCkgcGMc7Mqhx4dmYzqg2QfYY9wsM5CK4MzoBIGOIUPkEW0wbwyQaXSbUnS6I
.doubleclick.net/	1970-01-20 20:57:09	Name: APC Value: AfxxVi6Xe5F2DY7DdXgwTesVRIvQijve9zJKe93kNvi984bW5um0og
.casalemedia.com/	1970-01-21 01:23:33	Name: CMID Value: ZWp.QpwLOG1bUk.LO2G6qAAA
.casalemedia.com/	1970-01-20 18:47:33	Name: CMPS Value: 5169
.casalemedia.com/	1970-01-20 18:47:33	Name: CMPRO Value: 5169
.adnxs.com/	1970-01-20 18:47:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbztGAf`!@wnfH8K6pQK`!5=E<L5>xi_aEY5Lkj^#gfxg7Zgwr@02`+->zObrU+nVebpRzqF1`baG'UaYx
.adnxs.com/	1970-01-20 18:47:33	Name: uuid2 Value: 4039214771142104963
sabaq.news/	1970-01-21 01:23:33	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-02T00%3A45%3A57%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cmp.optad360.io
dsum-sec.casalemedia.com
ed6f5cd80a8ae5592568e59335f9aaff.safeframe.googlesyndication.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s0.2mdn.net
sabaq.news
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
std.wpcdn.pl
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
104.18.36.155
131.153.206.103
162.19.138.118
172.217.16.194
185.184.8.90
185.89.210.101
212.77.98.32
212.77.99.29
216.58.206.34
2600:9000:2127:8800:a:e047:753:a221
2600:9000:2127:c000:f:a31d:75c0:93a1
2600:9000:2156:d600:6:b871:4f00:93a1
2600:9000:225e:6c00:11:a4de:2580:93a1
2606:4700:10::6816:3456
2606:4700:20::681a:8a9
2606:4700:3030::ac43:cba1
2606:4700::6810:5514
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a02:2638:3::3
2a02:2638:3::c
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.71.131.137
51.89.9.254
54.194.196.88
65.9.66.68
00d8551f2129ca4fb4901b47c52ae9b9f4bfb79503c55576324c7688f54018b9
07d8a679fbaf5b0981e0fed2a8c33213d0a75adf97a10014a449b3bca4875544
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08521267e6c701100edd9e0b5864d23f0abc3b366c75957a90a16e8828dd56e8
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb69b5294ac12bd21822517f697710a3d23176f26f42d01f795b9ea33aa619d
0daad48ae767f7dd0d474f818df2b7129edf5f99607dce37cd0a125873efeb86
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d3e990e5264f2a468ae0a4b6a5a7565e0d8299ef91dbca9ccb385b73bf0c5f
1a86a96e2dfc858a0300384f71ab5f8e981931204fc37028596e931e32f4a714
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1c6cc2fa73ed92105c01830294b748812be0fec780a5d52ad6ae59bd3e036272
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
360f5375b93824b00ba496ea5c6445513fa2bf2e95db045b144196d18bdb2a9d
383f81d5170764e50a23785c27be46cb074820d3739feaacd5683ba8e6723299
3e0530d2b0e71fe73dac68df26f70520a3d48bdded08faf172f4a8348ed5a330
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4917fb75a854551d57c00c416dd9d24265b1e59a8a81a09359905f2f64faf15f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
505792d4ccd728e166b1c3f4c9cc295ce92b19344a25f2378361d64882a0d28b
533b8bcb9260108ad1f4a169ea291ef9ff37b4ac1c2a03ce00277cefed0feef3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
555e49a8bd2e0bb733a589bdb7fd59405acf6a5ffefe90939f379c8967c54e60
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ad8ecb411fa29c04fb3739b7f9623129bff121b0f45eb960c9d6df01e184d3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
648335a51cc38d8c25ae85c02e5a2e7f1682956d9f479924ee1d8c6626d7877c
65bb008994fa5db03b2d2e55358e58280714d4392e17af6eaa55a900347931fc
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b9ccbde50f12a6f02737f553a0bff2ed6906633123dc04c92587af3bc19c2f5
70ec0667aac9553903dae69fea6948249e6a2584a3077e84d88f573c6a2ccdda
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
7622a5a50ad7fd4e040a87cc4859db42b0ecc7fea5f69126b47a7e120053b78c
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d
9e98a429b8619f41ec51ed64525bc61d0836920f7ff931c92bfb760ca796532d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff6a38af0862864d5c5b66f401cacae3080b56add8f5923d624e5b3e17c2522
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a231b469a8c7a0d7eb6a642573e54f74a2893ae20b1a7434826f0c694c42aa6e
a2d1191a867404ff515ea0d8ae04bba78138115cc581a28b500a64350e57dbd4
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
adce20bd1f88cf5988eca43989269b47680aca7a009d6b01d1b547aaedcd1ba9
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9286ee565f5adfc12b14519e91524aef9314b32bb9ec30f7ac3b77e46d51d48
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdd11018cbfb8e79fda1a1706817ac1e638313dad7535188d2219555edbe024d
cdd2d9dbc46b454f8e8c009fde27e109baacd7343375d8abac007fd56f2b8932
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d11cb920b6cff32fc9b9b79211c6208e490e407161a54766f5a103ef6bd8dfb4
d27864e2fd1c5fefa4dbfcd802f1f376abe7bcc0b200303906cac4c9eddb0589
d3e34075f84005f2c3fae6cfa49862661e36aedb892fa051204cff66de61789e
d5c332bf56cd50ef08ecbedb740f6debff5814c008da6cfa95fa6a81d109cb50
dd69fe60a34605ef29f514f62a2ceeb8b679393a99ed451e717c8549a23e31c8
de99107f47082162344c66c65af6050bb394de148e68803d31dc4d6ce362748a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e589bc4beea6f716e0128087f219a98b83e842f8e51c26472af38257965c6efb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9545559bad28f2d4ab92b91d88cf0fa40e5a74c16341aa3492bbf24378bd6a5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0490dbedb4e61365032c24a9fd60a7d26ea8f33b70436adee693548f09b817
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3aca6e2d8b1b8aeb156a77d0dd0f4c93725c92661403dc9fc425d6501cf630
f2b49ae118707bc6a883c9b5d33321c1c5744e5e61ba5338ef2e7e4086d1e1b8
f6b146141b7a58530c84ff85038d38e5c6c0b92326db7c806d9f20e3593c8c72
faabeea701bb1ee3074767d209528b0be4652d8062d67ff8ed66174b6d140896
feade23a47f6041e6d1008885642dd7ab7cc4f12d94b0c7191c9cf8ca55df97d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

sabaq.news Open in urlscan Pro 2606:4700:3030::ac43:cba1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

94 %HTTPS

51 %IPv6

25 Domains

36 Subdomains

36 IPs

8 Countries

1456 kBTransfer

3588 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sabaq.news Open in urlscan Pro
2606:4700:3030::ac43:cba1 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

94 %
HTTPS

51 %
IPv6

25
Domains

36
Subdomains

36
IPs

8
Countries

1456 kB
Transfer

3588 kB
Size

18
Cookies

102 HTTP transactions
2 data transactions