vootserial.com Open in urlscan Pro
2606:4700:3035::ac43:a656 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vootserial.com/mtv-ace-of-space-2-episode-23/
Submission: On May 17 via manual (May 17th 2021, 12:28:44 am UTC) from US

Summary HTTP 187 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 23 domains to perform 187 HTTP transactions. The main IP is 2606:4700:3035::ac43:a656, located in United States and belongs to CLOUDFLARENET, US. The main domain is vootserial.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2021. Valid for: a year.

This is the only time vootserial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3035::ac43:a656	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:9f11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3031::6815:237e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3038::6815:eae9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	104.149.136.190 104.149.136.190	40676 (AS40676) (AS40676)
4	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
20	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
12	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
4	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 16	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
4	144.76.209.249 144.76.209.249	24940 (HETZNER-AS) (HETZNER-AS)
7	172.67.128.112 172.67.128.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3033::ac43:c0c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 9	185.11.128.202 185.11.128.202	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
187	34

22 2606:4700:3035::ac43:a656 (United States)

ASN13335 (CLOUDFLARENET, US)

vootserial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9f11 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:237e (United States)

ASN13335 (CLOUDFLARENET, US)

newsiqra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eae9 (United States)

ASN13335 (CLOUDFLARENET, US)

downloadvid.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.149.136.190 (Los Angeles, United States)

ASN40676 (AS40676, US)
PTR: mx1.cbox.ws

my.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.6.241 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.209.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: four.cbox.ws

www5.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.128.112 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:c0c1 (United States)

ASN13335 (CLOUDFLARENET, US)

cbox.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:eee (United States)

ASN13335 (CLOUDFLARENET, US)

stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.11.128.202 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-202.dataspace.pl

gde-default.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pro.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com tpc.googlesyndication.com 7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com 867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com pagead2.googlesyndication.com	126 KB
28	adform.net 4 redirects s1.adform.net adx.adform.net track.adform.net	347 KB
22	vootserial.com vootserial.com	380 KB
21	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	915 KB
12	cbox.ws my.cbox.ws www5.cbox.ws static.cbox.ws	33 KB
9	gemius.pl 1 redirects gde-default.hit.gemius.pl pro.hit.gemius.pl	50 KB
7	ampproject.org cdn.ampproject.org	134 KB
6	google.com 1 redirects adservice.google.com www.google.com	697 B
5	histats.com s10.histats.com s4.histats.com	5 KB
4	google.pl adservice.google.pl	1 KB
4	cbox.im cbox.im	50 KB
4	sascdn.com ced.sascdn.com	45 KB
4	cloudflare.com ajax.cloudflare.com	16 KB
4	facebook.com www.facebook.com	147 KB
4	newsiqra.com newsiqra.com	3 KB
3	gstatic.com fonts.gstatic.com	58 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	4dsply.com cdn.engine.4dsply.com engine.4dsply.com	66 KB
1	googleapis.com fonts.googleapis.com	687 B
1	vlitag.com stats.vlitag.com	544 B
1	imgur.com i.imgur.com	55 KB
1	downloadvid.xyz downloadvid.xyz	682 B
1	jsdelivr.net cdn.jsdelivr.net	3 KB
187	23

	Domain	Requested by
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com newsiqra.com cdn.ampproject.org tpc.googlesyndication.com
22	vootserial.com	vootserial.com
20	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net adx.adform.net vootserial.com newsiqra.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	s1.adform.net	ajax.cloudflare.com adx.adform.net track.adform.net s1.adform.net 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
10	adx.adform.net	4 redirects newsiqra.com s1.adform.net
7	gde-default.hit.gemius.pl	1 redirects s1.adform.net gde-default.hit.gemius.pl
7	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
7	static.cbox.ws	www5.cbox.ws static.cbox.ws
6	track.adform.net	4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com s1.adform.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.pl	securepubads.g.doubleclick.net
4	cbox.im	www5.cbox.ws static.cbox.ws
4	www5.cbox.ws	my.cbox.ws www5.cbox.ws
4	ced.sascdn.com	ajax.cloudflare.com
4	s4.histats.com	s10.histats.com
4	ajax.cloudflare.com	newsiqra.com
4	www.facebook.com	vootserial.com www.facebook.com
4	newsiqra.com	vootserial.com
3	fonts.gstatic.com	fonts.googleapis.com
2	pro.hit.gemius.pl	4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
2	www.google.com	1 redirects newsiqra.com
2	www.googletagservices.com	securepubads.g.doubleclick.net 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
2	4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	newsiqra.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	stats.vlitag.com
1	f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	engine.4dsply.com	cdn.engine.4dsply.com
1	my.cbox.ws	downloadvid.xyz
1	s10.histats.com	vootserial.com
1	i.imgur.com	vootserial.com
1	downloadvid.xyz	vootserial.com
1	cdn.engine.4dsply.com	vootserial.com
1	cdn.jsdelivr.net	vootserial.com
187	37

This site contains links to these domains. Also see Links.

Domain
viagrafiyat.eniyibloglar.com
filmsinema.net
www.cialisdeals.com
cialisturk.blogkullan.com
cialisturk.eniyibloglar.com
umraniyetip.org
www.doescorts.com
freewatchserialonline.com
indianwebseries.me
freewatchhindimoviesonline.com
www.starvid.xyz
www.dittovid.xyz
www.google.com.tr
newsinfo.club
www.facebook.com
www.cialis20mgsite.com
viagradoktorum.com
www.fitamin.net
viagrasatisi.blogkullan.com
orginalcialis.com
www.keremiya.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-09` - `2022-03-08`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-11` - `2022-03-26`	10 months	crt.sh
4dsply.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
histats.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
cbox.ws R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh

This page contains 21 frames:

Primary Page: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Frame ID: FAA9AEFC47A2A4884F40EC464B1AEF1E
Requests: 32 HTTP requests in this frame

Frame: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Frame ID: 15698FCFC5659F56A9A189DAFADCC2AE
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35
Frame ID: A8660D61F37F8530A4976C47E6A2E428
Requests: 4 HTTP requests in this frame

Frame: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Frame ID: 285EBC1AFDEAAB534E99C4F34BB0311C
Requests: 6 HTTP requests in this frame

Frame: https://downloadvid.xyz/chat.php
Frame ID: B2CD2DF9CA1D9408E31951A22BB70B05
Requests: 1 HTTP requests in this frame

Frame: https://newsiqra.com/300x600.php?cid=998775&type=vcid
Frame ID: E88BDCE4C49854DF18B2B578A6F7F9A5
Requests: 6 HTTP requests in this frame

Frame: https://newsiqra.com/300x250.php?cid=998775&type=vcid
Frame ID: B79420BFCAC2EE62590D188F41E52DEE
Requests: 4 HTTP requests in this frame

Frame: https://my.cbox.ws/serial69
Frame ID: 97C097F5BC1694678D67A830C9E950C2
Requests: 1 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?CC=1&mid=950937
Frame ID: 86801969F6C30E89C7FC540C9A0E939C
Requests: 15 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?CC=1&mid=913991
Frame ID: D9C6C614B0EFDCD9171FB96ACEB5A7B0
Requests: 12 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Frame ID: 70336694FBBE6BFD8768F8038F9C38FB
Requests: 12 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=form
Frame ID: 27F93CA7FA69467E1EE0E119E35B13CB
Requests: 3 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?CC=1&mid=977706
Frame ID: 36E9805DA55C9B078E7F3CE5329E7DD6
Requests: 13 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?CC=1&mid=977706
Frame ID: 81E710276806A90208A706F29A2662F0
Requests: 12 HTTP requests in this frame

Frame: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 416B9715CD2152E95B65D4E0BF27B79E
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 6D8FB6A287761282A03BD3D2F9B1603A
Requests: 24 HTTP requests in this frame

Frame: https://gde-default.hit.gemius.pl/gdejs/xgde.html
Frame ID: F506F2AC45F081081A302A1360B5FBD8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0B31DDEA78E64E6F2EF8AA32CAD86413
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F0F1248F9DD132DB82232FEDD4F9B2D1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9DF39825ABD3C1E083A005D7585D51C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 57FD46E71D76BA331B61CE2BC34D470C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

187
Requests

97 %
HTTPS

68 %
IPv6

23
Domains

37
Subdomains

34
IPs

6
Countries

2500 kB
Transfer

6130 kB
Size

8
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://viagrafiyat.eniyibloglar.com/
Title: https://viagrafiyat.eniyibloglar.com

Search URL Search Domain Scan URL

URL: https://filmsinema.net/
Title: film izle

Search URL Search Domain Scan URL

URL: https://www.cialisdeals.com/
Title: https://www.cialisdeals.com

Search URL Search Domain Scan URL

URL: https://cialisturk.blogkullan.com/
Title: https://cialisturk.blogkullan.com

Search URL Search Domain Scan URL

URL: https://cialisturk.eniyibloglar.com/
Title: https://cialisturk.eniyibloglar.com

Search URL Search Domain Scan URL

URL: http://umraniyetip.org/anadolu-yakasi/atasehir-escort/
Title: ataşehir escort

Search URL Search Domain Scan URL

URL: http://www.doescorts.com/
Title: antalya escorts

Search URL Search Domain Scan URL

URL: http://freewatchserialonline.com/
Title: Latest Serials

Search URL Search Domain Scan URL

URL: https://indianwebseries.me/
Title: Web Series

Search URL Search Domain Scan URL

URL: https://freewatchhindimoviesonline.com/
Title: Hindi Movies

Search URL Search Domain Scan URL

URL: http://www.starvid.xyz/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Title: Star Plus Serials

Search URL Search Domain Scan URL

URL: http://www.dittovid.xyz/
Title: Zee Tv Serial

Search URL Search Domain Scan URL

URL: https://www.google.com.tr/search?hl=tr&q=Mtv%20Ace%20Of%20Space%202%20Episode%2023

Search URL Search Domain Scan URL

URL: https://newsinfo.club/vcid.php?cid=836537

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://vootserial.com/mtv-ace-of-space-2-episode-23/

Search URL Search Domain Scan URL

URL: https://www.cialis20mgsite.com/
Title: cialis satın al

Search URL Search Domain Scan URL

URL: https://viagradoktorum.com/
Title: viagra

Search URL Search Domain Scan URL

URL: https://www.fitamin.net/
Title: viagra

Search URL Search Domain Scan URL

URL: https://viagrasatisi.blogkullan.com/
Title: viagra satış/a>

Search URL Search Domain Scan URL

URL: https://orginalcialis.com/
Title: cialis

Search URL Search Domain Scan URL

URL: http://www.keremiya.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://adx.adform.net/adx/?mid=950937 HTTP 302
https://adx.adform.net/adx/?CC=1&mid=950937

Request Chain 59

https://adx.adform.net/adx/?mid=913991 HTTP 302
https://adx.adform.net/adx/?CC=1&mid=913991

Request Chain 62

https://adx.adform.net/adx/?mid=977706 HTTP 302
https://adx.adform.net/adx/?CC=1&mid=977706

Request Chain 63

https://adx.adform.net/adx/?mid=977706 HTTP 302
https://adx.adform.net/adx/?CC=1&mid=977706

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 170

https://gde-default.hit.gemius.pl/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600%7Cxref%3Dhttps%3A%2F%2Fvootserial.com%7Ctq%3D1&lsdata=-NOTSUP&href=https%3A%2F%2F4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&ref=https%3A%2F%2Fnewsiqra.com%2F HTTP 301
https://gde-default.hit.gemius.pl/__/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600%7Cxref%3Dhttps%3A%2F%2Fvootserial.com%7Ctq%3D1&lsdata=-NOTSUP&href=https%3A%2F%2F4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&ref=https%3A%2F%2Fnewsiqra.com%2F

187 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vootserial.com/mtv-ace-of-space-2-episode-23/ 31 KB
7 KB 280ms
249ms Document
text/html 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a576c9135aeb57c2609f7941cbaf59ca03e469e73a1f527a3870c484903c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vootserial.com
:scheme: https
:path: /mtv-ace-of-space-2-episode-23/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://vootserial.com/wp-json/>; rel="https://api.w.org/", <https://vootserial.com/wp-json/wp/v2/posts/93488>; rel="alternate"; type="application/json", <https://vootserial.com/?p=93488>; rel=shortlink
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
cf-request-id: 0a19526a120000dfbfd13e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ftgCcQFg%2FpXQ%2FjWV6%2Bzn%2FgUdWYGWB4qa6zefoXXo9XccDBOawVjP09ccZUkQPl53jBN5Txzga0fsf21A7A235v1PMjrefFUQ2Q5JjiFfdrKIdwbElY%2BT79kxlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9bcebf9dfbf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 jquery.js Show response
vootserial.com/wp-content/themes/keremiya/js/ 92 KB
32 KB 38ms
23ms Script
application/javascript 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-content/themes/keremiya/js/jquery.js?ver=1.7.1

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f863c9c6bf5da6142dd422ebc55635e48d514a5a12aa85b94a2453147d735c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/js/jquery.js?ver=1.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526b2e0000d6f5aaa4d000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iFXP%2F8Xq4y1kNarqUFjImRK2slOyc6zlT8Lj%2Bx%2FM0S4oYA0tFJedZ48iNKNLQ0dsSw0UGzbpIjuIy2eVesetDz6a7T78UJ0xrMao4gx2nWNTY2nEV4vnlPYysA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9beaaa6d6f5-FRA
expires: Thu, 10 Jun 2021 06:29:22 GMT

GET
H3-29 200 likesScript.js Show response
vootserial.com/wp-content/themes/keremiya/js/ 942 B
1 KB 32ms
17ms Script
application/javascript 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-content/themes/keremiya/js/likesScript.js?ver=3.3.1

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029b71f52d3a782a56a36219ddc27d48671471737a84f77b97186751a974a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/js/likesScript.js?ver=3.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526b2e0000d6f5d3924000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aTz4Ay41Yc6SVBWCiMQKURhfHI0jTQrOG6BHeCeu9y1ORh5VbjyI0Ec6k1G%2B9Q7%2FFz3ELQCMO4LMEMTM6BASEUAM6ASQ6fIg8%2BL9OJmVx3shsvQlIxXkL1aDXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9beaaa7d6f5-FRA
expires: Thu, 10 Jun 2021 06:29:22 GMT

GET
H3-29 200 style.min.css
vootserial.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 50ms
36ms Stylesheet
text/css 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 340607
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526b2e0000d6f5d82f9000000001
x-nginx-upstream-cache-status: MISS
last-modified: Thu, 15 Apr 2021 07:51:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rp7x%2B0F9fjEJC0G%2FkkseuHe8kcStossqehdt%2FF4dAKLOu2EpZKRi7rlpYEdfWCNh8qVPwu2am4Cg2l1HkPOq%2BWkqrx7ttydGlk2NA3WXWyKl%2BwWwTNlKOZu4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9beaaa8d6f5-FRA
expires: Sat, 12 Jun 2021 01:51:37 GMT

GET
H3-29 200 pagenavi-css.css
vootserial.com/wp-content/themes/keremiya/ 691 B
944 B 43ms
29ms Stylesheet
text/css 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-content/themes/keremiya/pagenavi-css.css?ver=2.70

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849b67cd71f5a9b19a55eee26c2035a9ed95ed5495559a889f4203eee713b497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/pagenavi-css.css?ver=2.70
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526b2d0000d6f501180000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V%2BQeLQhLR1HxIsh2C0UC3Niy%2FhhCOHl739jmBVU3VBGV65foJdx7DIeT2w%2B%2BeFmsq7smo2zsBOyF63LFsqENo%2BixxHPbOYX1wpeTL9MROldu%2ByDBcF4CWDXh1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9beaaa2d6f5-FRA
expires: Thu, 10 Jun 2021 06:29:22 GMT

GET
H3-29 200 ezgif-happy-1.gif
vootserial.com/wp-content/uploads/2020/12/ 170 KB
170 KB 14ms
14ms Image
image/gif 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/uploads/2020/12/ezgif-happy-1.gif

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856cf4caca7042e9161fe703759a2233b6fcac0e636e26c12774acef8c47c270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/12/ezgif-happy-1.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 499284
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 173740
cf-request-id: 0a19526ba30000d6f5df82d000000001
x-nginx-upstream-cache-status: STALE
last-modified: Thu, 31 Dec 2020 16:41:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9zpFV8CB0KXqit6tvV3DTnrbmQKSbX8JnPNqfNKM03tNl3fa339KHDxAiPpkhSsl%2Fs7cHUGEA0lO2XcdfFrefQabz0jzEPZcJUByq6oQr%2BGLH3RZfTh1JJ1xFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf6b54d6f5-FRA
expires: Sat, 10 Jul 2021 05:47:00 GMT

GET
H3-29 200 google.png
vootserial.com/wp-content/themes/keremiya/images/ 1 KB
2 KB 37ms
36ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/google.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b4fa7a55fd393b7c4ebfbb0a03a36da71baabaf7855707c6732757d9a93e4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/google.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 497112
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1094
cf-request-id: 0a19526ba40000d6f5bb016000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DaUJLl3MnyYzXpAbpuEURswItUlbQBO28v%2FCpseCzFBFqmwg6r7ccAZ15v6aaG%2FQgLcPUv4zy22APxcVfZQg%2BvXQLZC0dUJc3w3u7GpOtccHhu0%2BdOLwYHEVdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf6b58d6f5-FRA
expires: Sat, 10 Jul 2021 06:23:12 GMT

GET
H3-29 200 facebook_paylas.png
vootserial.com/wp-content/themes/keremiya/images/ 5 KB
6 KB 36ms
35ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/facebook_paylas.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ffaf7c388b4e0ce12333021c141d068ebcd19b1db2586bebd8dd2f3496c3224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/facebook_paylas.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 497112
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5097
cf-request-id: 0a19526ba50000d6f5a5b5f000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c9cr%2ByugAwqjUN6gxnZwObvB0w00tbF3U1bmynCjIxaDQdYOeTCeNBwIKFFFs54MUknBtf5145XowzDRP%2BbMRB8QEEyoUflfISEcEq6Idl00lJsdX3jRYtaaeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf6b5ad6f5-FRA
expires: Sat, 10 Jul 2021 06:23:12 GMT

GET
H3-29 200 Mtv-Ace-Of-Space-20191001-064827512x512.jpg
vootserial.com/wp-content/uploads/2019/10/ 15 KB
15 KB 18ms
17ms Image
image/jpeg 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/uploads/2019/10/Mtv-Ace-Of-Space-20191001-064827512x512.jpg

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebedd1a27c89ac73c80fcedb45b4682b7105ff8061541ff64a170c8ad53ef6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/10/Mtv-Ace-Of-Space-20191001-064827512x512.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 493455
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15141
cf-request-id: 0a19526ba60000d6f5939d4000000001
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 01 Oct 2019 01:18:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ygfJKkY3VgEshSrmQUc2hgQoe1NR6pGuz7XSUQD2TQsDJvuR0qt84QKHcdwE0gbZiYLDPn6gYVVlxq7JPBQHKyDG7WFn675qde5pHtD7%2FyzCsaBgnfPLh5bT3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf6b5bd6f5-FRA
expires: Sat, 10 Jul 2021 07:24:09 GMT

GET
H3-29 200 keremiya.png
vootserial.com/wp-content/themes/keremiya/images/ 1 KB
2 KB 37ms
36ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/keremiya.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51173bcf821962d2d61eca13749e03395030fb1fee454813dbd84fda761e9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/keremiya.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1136
cf-request-id: 0a19526ba60000d6f5aaa53000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pgfd7yAf7qHJ4pBw92BjZX%2BkN4Ey2QsX7O5z5kgeJ%2FExQBkpzxUg%2B1%2FmgeXFouP2DBkuyOSwYSD0GvGbjm92FPcoKJUqGF0wCV38uWLiC7msdENljWunOhhXlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf6b5cd6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H2 200 v1.0.min.js Show response
cdn.jsdelivr.net/gh/vli-platform/adb-analytics@77bebb/ 8 KB
3 KB 8ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/vli-platform/adb-analytics@77bebb/v1.0.min.js

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5edd3972c9d54d03135a136041ef2e7ce1bdad0dbca86f47dcfabf0a191f8403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34383
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 3343
etag: W/"1e18-FthiU1oHTzwU7+R+mIDJVHYo9LE"
x-served-by: cache-fra19131-FRA, cache-hhn4025-HHN
date: Mon, 17 May 2021 00:28:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 style.css
vootserial.com/wp-content/themes/keremiya/ 37 KB
7 KB 42ms
30ms Stylesheet
text/css 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-content/themes/keremiya/style.css

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5595f21aa09842967c685c66ac746943ae17ae9a5fe4e83e571424956fcb124d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526b2e0000d6f5f2b16000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sdzcD5pb62lkEMvo8HT9iym%2BLLUBW3efuU3bmeUZPMHlRfca01%2BSrcCIvhb64uj1U2tEc8OweTXVHW4ydpGrpEQ43uj6zZIGa3dvXEtVCuJF2JZ36OpYu26img%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9beaaa4d6f5-FRA
expires: Thu, 10 Jun 2021 06:29:22 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
vootserial.com/wp-includes/js/ 14 KB
5 KB 45ms
44ms Script
application/javascript 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: vootserial.com
referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/mtv-ace-of-space-2-episode-23/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 340607
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526ba60000d6f5e2972000000001
x-nginx-upstream-cache-status: MISS
last-modified: Thu, 04 Feb 2021 07:51:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BHewk59aXQF%2BHVvO3QvpBnDuF2kT%2FBuqEQK50EjLqnpdQDd5K6Eh%2BNJ8r6l3%2BU5%2BRy5ERQO1Ed%2FUIPzeQvsirRi3p2Nk8KUBABw25KmIvdAHD4cBn3opoDKcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
cf-ray: 6508b9bf6b5ed6f5-FRA
expires: Sat, 12 Jun 2021 01:51:37 GMT

GET
H3-29 200 bg.png
vootserial.com/wp-content/themes/keremiya/images/ 10 KB
11 KB 41ms
34ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/bg.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3879df3ee782fe23e021e67c948df57f43d3a659393abd35e897da66316e6ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/bg.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10166
cf-request-id: 0a19526bb20000d6f58fa0b000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D3Isu4vIBhEisYJPX9nvF2lGt4b3WR2PQ2Ps3vkPYEHq6gPOSl3yM6mfdUMHk%2BYCw3FFr2FxL64oj0KkzS0R3OmCJ38hsffbqr%2BBXp%2BmPyOycJwwxZkqY0Pakg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9bf8b73d6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 179 KB
63 KB 351ms
270ms Script
application/x-javascript 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c7b62cde-39d3-42bb-842c-6be17ce9460e
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cef41d3435d61780099da1457e3d78457df25504b4c335caed786aec5b971266

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: public, no-transform, max-age=900
cf-ray: 6508b9c01ae94d89-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0a19526c0a00004d89ff10c000000001

GET
H2 200 730x90.php Show response
newsiqra.com/ Frame 1569 1 KB
770 B 505ms
430ms Document
text/html 2606:4700:3031::6815:237e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebad2b0f58e6a15900e508c173d17681d2abb4a3fcd81fdd5cc512365a696a7c

Request headers

:method: GET
:authority: newsiqra.com
:scheme: https
:path: /730x90.php?cid=998775&type=vcid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a19526c0b00004e4a59811000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vLKq7VuQe%2BOo3YukRVOsM3NitwyHxkJ2qmFcW9fRlvWpHQwrVYKxgMOQ7oiZaN4P%2BUbBa0dHrM9uPcyeTo15dDauGM9BX5GyVXgqyJ4NR5syQKt3i%2BmIhXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9c01cdf4e4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame A866 46 KB
14 KB 321ms
320ms Document
text/html 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

492d6ee72205f7b0afc357c1f6fc6b99c15bea2b80c0b0da87d9c549b4939908

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: PflxUE6Nvm0/QVBhVQCXwzIxz+kFdr8r8FtwRWJflfo4PUAHITxicN+ZY1XaDB1i1BWaH47QjAxk4JgTXH/wiw==
date: Mon, 17 May 2021 00:28:25 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 730x90.php Show response
newsiqra.com/ Frame 285E 1 KB
770 B 462ms
394ms Document
text/html 2606:4700:3031::6815:237e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f488f0041880c71ccc3c75b6310c94b4846d602d2958ab65280562e884960a13

Request headers

:method: GET
:authority: newsiqra.com
:scheme: https
:path: /730x90.php?cid=998775&type=vcid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a19526c0b00004e4a79053000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=34XYdD2yQfG4Rx%2B2pxkn8GlzbPkQYWz93gm0v0ETEWLmFioq2YpORhPTtcuLsSbtPpb88MJqTCafqeDQElB9%2BZT67KiYPyOZKYeIqCqPvFZDT2ptGTqsMVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9c01ce14e4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chat.php Show response
downloadvid.xyz/ Frame B2CD 191 B
682 B 154ms
53ms Document
text/html 2606:4700:3038::6815:eae9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downloadvid.xyz/chat.php
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eae9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f5a420a4e3243dc6a5a6e9bc1aedc3978c8122e39922fc83693cb6a99191fa56

Request headers

:method: GET
:authority: downloadvid.xyz
:scheme: https
:path: /chat.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 0a19526c4c00004e55ee815000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FBA1l%2B9wg1T9rNzmSuMOH840qfC8ovLlO6om12073bGFhR8crJ%2BaMtlhHCkSgTUPb0NZixryEK7Y8EYV%2B3gGWMjScLqzTw1sAmFgZO%2BRCWkPJEOQI%2B397WPUtfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9c07d314e55-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 300x600.php Show response
newsiqra.com/ Frame E88B 1 KB
1 KB 184ms
155ms Document
text/html 2606:4700:3031::6815:237e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsiqra.com/300x600.php?cid=998775&type=vcid
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c414eb8ef826c3f17a8a4e80f573133c649ab8171c45bd17fbbe3925c668a7

Request headers

:method: GET
:authority: newsiqra.com
:scheme: https
:path: /300x600.php?cid=998775&type=vcid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a19526c0d00004e4a9f0f9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LivSnAlYZL93SqHF%2BX070sSrR92roaHgF%2FJUiwVTZYUwWEWJmozLcT4wJnnegwWo0hR31lVIlQpSpwL9WD%2BkI3UKQkVOEJBVvniPwdTJGJDZV06ZccZCAmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9c01ce54e4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 300x250.php Show response
newsiqra.com/ Frame B794 1 KB
745 B 457ms
429ms Document
text/html 2606:4700:3031::6815:237e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsiqra.com/300x250.php?cid=998775&type=vcid
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110eeb66c541a5c52df5bbd8a48008f65087684f52731da1260b75a587623be9

Request headers

:method: GET
:authority: newsiqra.com
:scheme: https
:path: /300x250.php?cid=998775&type=vcid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vootserial.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vootserial.com/

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a19526c0b00004e4a5daec000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qf5XDb1liF9ofFcEDCywbf3r6gwD3LSy%2BW1pP9bSdLWeUue7slV%2Fe5zrUpGyrMSmjZSp1jR%2FV%2B8o9XljmzYdddhQHrmJlYrMV1%2Bc%2BBKN43J0j540El7F3u8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6508b9c01ce44e4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 sprite.png
vootserial.com/wp-content/themes/keremiya/images/ 11 KB
12 KB 82ms
24ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/sprite.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89d5f07c2803888e857667bdc084996ede9223b5dfdf990ffee6c2668358be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/sprite.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11570
cf-request-id: 0a19526c0b0000d6f5a900a000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KvliDgm2RydFE5gRXV6qfaTamgVuvKEC173NygiIV%2F8VLf8SxvYH27ipVMwRUawmCSoZJ%2BjLUDiAaWJRo4YHDEWzgp8vvelc7Gc6NUBqxzxu31F4Q5mwEntRbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01be7d6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H3-29 200 hepsi.png
vootserial.com/wp-content/themes/keremiya/images/ 22 KB
22 KB 52ms
16ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/hepsi.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97f0890ed14a0813582d2a018a9bb11b4c24ab1724c40102feee75e2c063ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/hepsi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22253
cf-request-id: 0a19526c0b0000d6f5fe86e000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ranoUWEjFyORwgAfOvbDSt536xdXw%2F0icxthtJsdu4tQYIXfU5EJLj2E8si14EEIbb204rQNANjeCx1BapUvpEasb2A8DWjIAZ7zt9ql%2F2gNU46k%2Bg3k6O%2BPOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01be9d6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H3-29 200 oswald.woff
vootserial.com/wp-content/themes/keremiya/font/ 24 KB
25 KB 39ms
17ms Font
font/woff 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vootserial.com/wp-content/themes/keremiya/font/oswald.woff

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34cf09403dc06bad173e24d991e275fca7aa399bacd7b158a4270fd00dc4c8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/font/oswald.woff
pragma: no-cache
origin: https://vootserial.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://vootserial.com
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496660
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24516
cf-request-id: 0a19526c0a0000d6f5a5220000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NtexpzKKUw2ycVh6CoZest66tn9EN4dBdfNeOJmCXFYnsA48%2FlryBHnE%2BF%2F7kruTvht7n6KOBAS5N8Z7Y4ACXSA0nSvRUdV7Eo%2FlapgmCI5iKWi3uyvsIJaVUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01be2d6f5-FRA
expires: Sat, 10 Jul 2021 06:30:44 GMT

GET
H3-29 200 html-icon.png
vootserial.com/wp-content/themes/keremiya/images/ 39 KB
40 KB 35ms
18ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/html-icon.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48fda187e5369aa77a59bbf923d45524a9f4f4b0923032a9f6548f913a5c6968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/html-icon.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40196
cf-request-id: 0a19526c0b0000d6f5f7945000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dT0Q1pv0OZhpN1ZDaY5HWj8Pa9MtSTE10vT1a1ITZL%2FLY8aGpP3Er593oDVk88zAfK42ykUsWrqscbWpea4tvA2UtO1p6EpyaWcBB6q%2FYHJf%2FpnI5yAbYzgJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01bead6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H3-29 200 navbar.png
vootserial.com/wp-content/themes/keremiya/images/ 266 B
915 B 40ms
25ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/navbar.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72014c6d61e7ffc04c67aebc39e08f72e22254e09d4ff26ac819162e1519ce06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/navbar.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496660
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 266
cf-request-id: 0a19526c0b0000d6f5cdbe2000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NQX0y4xYc7PanLVS1BNU6LUR%2FZKn%2F%2BqxgY1hvbNHXZI%2FFv41x3SA%2FRx5n%2BC3Gzejl4Ez0TnA99DD0X0Utw7lDHi5y8AryiEgAG02uscAs%2F6f6wfiSpd7yUH%2Faw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01becd6f5-FRA
expires: Sat, 10 Jul 2021 06:30:44 GMT

GET
H3-29 200 tv.png
vootserial.com/wp-content/themes/keremiya/images/ 1 KB
2 KB 44ms
30ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/tv.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dd9a5575139247ec6290b29334ef6b1986eed64ab74f15b289c886865a4d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/tv.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 497112
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1050
cf-request-id: 0a19526c0e0000d6f50420a000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WCuLz%2B3aqxQzc6Lz9nZoYWZMXoPGY%2FEKE0iQVnCAy9hjldBRn3iRnfwq00JrI5Lx0%2BC90F%2BTXNggtVlqDto5DtrliVh5sIzRedZEvh5qZFfsbnPfhSrLaClQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01bedd6f5-FRA
expires: Sat, 10 Jul 2021 06:23:12 GMT

GET
H3-29 200 naka.jpg
vootserial.com/wp-content/themes/keremiya/images/ 8 KB
9 KB 37ms
23ms Image
image/jpeg 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/naka.jpg

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa528f5b50e7375a48a56bd76602aa52b6294e1b16d8140f5917cbc79a4694cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/naka.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8370
cf-request-id: 0a19526c0c0000d6f501189000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HkEleYqvABYUE7B0jq9hYcp0M9Uoxcto29Eq1mWnihfIfTdf5Yv9MtWxCczzBPDB%2BBV3Uvl2d9AM1%2BBeyO%2FHWfYdauVWaqaDEFLAGXIbydW50vdej5xYtGCvfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01beed6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H3-29 200 filmalt1.png
vootserial.com/wp-content/themes/keremiya/images/ 708 B
1 KB 44ms
30ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/filmalt1.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a5dbf7c7a2e07707020f8d1883b93f94692bcf230acccc49b2677ce66e842f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/filmalt1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496742
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 708
cf-request-id: 0a19526c0c0000d6f5ef3ed000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qTfP7nwUq6XbLniUkIDoD3YHVkpI56%2BBKReDw2UTP1kcEu%2FZ0FjxqzNlfE3FwWoN9Rm4uDHJcvbYQo3yu%2FnJO4EyDRuNIP%2BeaWyA%2B9TnA147%2Ftf5uR71cNscIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01befd6f5-FRA
expires: Sat, 10 Jul 2021 06:29:22 GMT

GET
H3-29 200 filmalti2.png
vootserial.com/wp-content/themes/keremiya/images/ 1 KB
2 KB 43ms
32ms Image
image/png 2606:4700:3035::ac43:a656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vootserial.com/wp-content/themes/keremiya/images/filmalti2.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/wp-content/themes/keremiya/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a656 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c486f2937d03ed5803beedd23794eca83f23bd239f29f488cc6a2bc40e8e1ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/keremiya/images/filmalti2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: vootserial.com
referer: https://vootserial.com/wp-content/themes/keremiya/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vootserial.com/wp-content/themes/keremiya/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 496660
x-server-powered-by: Engintron
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1112
cf-request-id: 0a19526c120000d6f50420b000000001
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 25 Nov 2019 21:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Im%2F4%2F0PzZceNXjrTo1YIbK936JzQC1PsSWQ9766k%2BfxihcxI6ujcEciXlg9IS8P%2FamUU4jMnPnS2f88%2Bo67MYnsLNpW5uFScKZNeS0udVgyj3ZuaPu3cC12hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6508b9c01bf1d6f5-FRA
expires: Sat, 10 Jul 2021 06:30:44 GMT

GET
H2 200 EuxTbwq.png
i.imgur.com/ 54 KB
55 KB 166ms
54ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EuxTbwq.png

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f95cc09459267d57ccb2f1cc53f1f25db32098bc4197442c933991e85f0feb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
x-content-type-options: nosniff
age: 915006
x-cache: HIT, HIT
content-length: 55544
x-served-by: cache-bwi5168-BWI, cache-hhn4049-HHN
last-modified: Wed, 22 May 2019 14:53:10 GMT
server: cat factory 1.0
x-timer: S1621211305.232873,VS0,VE1
etag: "13e47912c29920ccf11f563086f89096"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 174ms
57ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:24:27 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.128/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 89951470

GET
H2 200 serial69 Show response
my.cbox.ws/ Frame 97C0 9 KB
4 KB 580ms
188ms Document
text/html 104.149.136.190
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: https://my.cbox.ws/serial69
Requested by: Host: downloadvid.xyz
URL: https://downloadvid.xyz/chat.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.149.136.190 Los Angeles, United States, ASN40676 (AS40676, US),
Reverse DNS: mx1.cbox.ws
Software: nginx /
Resource Hash: c286d51921c7df7302b1ffbd0f8287149a60533a9742bae745d6aa66e6a2ace0

Request headers

:method: GET
:authority: my.cbox.ws
:scheme: https
:path: /serial69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://downloadvid.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://downloadvid.xyz/

Response headers

server: nginx
date: Mon, 17 May 2021 00:28:25 GMT
content-type: text/html; charset=UTF-8
cache-control: public
last-modified: Tue, 13 Apr 2021 16:01:55 GMT
content-encoding: gzip

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame E88B 12 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/300x600.php?cid=998775&type=vcid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a19526d7100004a67b8303000000001
last-modified: Tue, 11 May 2021 15:38:57 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609aa511-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vDbhks73t9UlHuhFO3K0WZHuGOMuXAJVqIx8sUX8kN3YvpjK%2FlrY0dExj5oL%2BzVz8Og4x7gWFmqe2XDdPGAUjtNk8KsKSlYWwuZfjUJ3yIGl4oE93OrqVM6XMBOL1NjC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6508b9c24e9e4a67-FRA
expires: Wed, 19 May 2021 00:28:25 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 431ms
139ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4292657&@f16&@g1&@h1&@i1&@j1621211305340&@k0&@l1&@mMtv%20Ace%20Of%20Space%202%20Episode%2023%20%7C%20Free%20Watch%20Oldvidz.xyz%20Tv%20Serials%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-198647275&@b3:1621211305&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fvootserial.com%2Fmtv-ace-of-space-2-episode-23%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 37c440a96db1edfbe9a45a40a9157cdec37555189cca97f608dded6ef9b2437d

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 435ms
141ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2914110&@f16&@g1&@h1&@i1&@j1621211305340&@k0&@l1&@mMtv%20Ace%20Of%20Space%202%20Episode%2023%20%7C%20Free%20Watch%20Oldvidz.xyz%20Tv%20Serials%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-159410083&@b3:1621211305&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fvootserial.com%2Fmtv-ace-of-space-2-episode-23%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 5f7b638ba1566fca8c3e0c0f15d48c2032f08dc926ff5d6c5f31952a955ad017

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 420ms
133ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4292657&@f16&@g0&@h2&@i1&@j1621211305359&@k19&@l2&@mMtv%20Ace%20Of%20Space%202%20Episode%2023%20%7C%20Free%20Watch%20Oldvidz.xyz%20Tv%20Serials%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:193414151&@b3:1621211305&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fvootserial.com%2Fmtv-ace-of-space-2-episode-23%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 37c440a96db1edfbe9a45a40a9157cdec37555189cca97f608dded6ef9b2437d

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 446ms
147ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2914110&@f16&@g0&@h2&@i1&@j1621211305359&@k19&@l2&@mMtv%20Ace%20Of%20Space%202%20Episode%2023%20%7C%20Free%20Watch%20Oldvidz.xyz%20Tv%20Serials%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:140524801&@b3:1621211305&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fvootserial.com%2Fmtv-ace-of-space-2-episode-23%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: 5f7b638ba1566fca8c3e0c0f15d48c2032f08dc926ff5d6c5f31952a955ad017

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 Tag.engine Show response
engine.4dsply.com/ 2 KB
2 KB 177ms
173ms Script
application/json 2606:4700::6810:9f11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=-120&id=c7b62cde-39d3-42bb-842c-6be17ce9460e&rand=90081&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fvootserial.com%2Fmtv-ace-of-space-2-episode-23%2F&kw=free%20watch%20mtv%20roadies%20seasons%2Cmtv%20roadies%20seasons%20watch%20online%2Cmtv%20roadies%20seasons%20voot%20serial%2Cmtv%20roadies%20seasons%20youtube%20link%2Cmtv%20roadies%20seasons%20all%20episodes%2Cfree%20watch%20mtv%20splitsvilla%20seasons%2Cmtv%20splitsvilla%20seasons%20watch%20online%2Cmtv%20splitsvilla%20seasons%20voot%20serial
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c7b62cde-39d3-42bb-842c-6be17ce9460e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9f11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 16ec1c23e6425bc0e544a2678fdefda3aaaad3962aeb0992f93a3653988f0ccd

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6508b9c2ff1e4d89-FRA
date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a19526dd700004d89f9145000000001

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame A866 400 B
449 B 38ms
35ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: jrrKB0/7cuG281BQBF69bWuGzmKecrEHBiUTMSqFPZDKdWAAAy+z58HaB68VcbKi8nnUBSH7MwoDmf5sgR8/aw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Wed, 12 May 2021 01:53:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Thu, 12 May 2022 01:53:25 GMT

GET
H3-29 200 1aGdzEZwTaf.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/ Frame A866 504 KB
132 KB 32ms
31ms Script
application/x-javascript 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/1aGdzEZwTaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c6676edb6a480947e8347cfa5b1b4ae63428d69daa309a55fb8431e772254a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HrxID+X1h6P6uVwL4laoDg==
cross-origin-resource-policy: cross-origin
content-length: 135123
x-fb-rlafr: 0
x-fb-debug: jxI9n8+lqZS0YOAhw85yCCX8PxniSFEnwKs6ItJ/kLqZILIawas9N6gfPVMLmEQvjxVlxcPBfrZHgV4L8Ydo6g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 May 2022 16:36:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E88B 63 KB
21 KB 175ms
60ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0667841931e4f602695141ee17c2c8a3750ac5c84664507c9d863500ffeaab1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 420 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21330
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame E88B 58 KB
24 KB 186ms
62ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1079/ Frame E88B 32 KB
11 KB 175ms
56ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1079/smart.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bf749e26d36af19ea84aac2f3080184d0b7c8f88f735a51bd80c2dd53e657fb

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=178
Content-Length: 11374
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 285E 12 KB
4 KB 16ms
9ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a19526ea000004a67c63cf000000001
last-modified: Tue, 11 May 2021 15:38:57 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609aa511-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aaVbNw%2BURRXjSxpe6kBeeqlpyLruqxjXDkrEzE0Trs8fESz0%2BvtudQR6yE0RILFiCfsGRVwX%2BEGhNR652bGAqcM8kMPvliWKHehWy7lqGniIpJ8HwY4sO0eipTNwjnbX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6508b9c438eb4a67-FRA
expires: Wed, 19 May 2021 00:28:25 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B794 12 KB
4 KB 22ms
16ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/300x250.php?cid=998775&type=vcid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a19526ea000004a675010e000000001
last-modified: Tue, 11 May 2021 15:38:57 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609aa511-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pB7hIBGDgq%2BHkt6UVJaeHjHPOZtfoclIE5Ek7kHzUNQJPLlHevNsldHGmuScys2%2F7wvF%2Fn0UxlS0Qkpy7yLKFBFBBakOy3jg9dlWyzt86hvKRoqqg4UbtM3MQHMu%2FJ%2FE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6508b9c438ec4a67-FRA
expires: Wed, 19 May 2021 00:28:25 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 1569 12 KB
4 KB 16ms
4ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a19526eaf00004a67baaad000000001
last-modified: Tue, 11 May 2021 15:38:57 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609aa511-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=51dBPXm%2B0XIC2RW11SGEdT8CfM2U4KFEgUo7qeuQhMm8sxJOLexteYLgwWeCQiSY0Ph8L74XZXqKbMhl1FYeR4AgbQgk5j7qdFe9kzbGJuYcjc%2BGztQDpjAuTDrVBLHQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6508b9c449084a67-FRA
expires: Wed, 19 May 2021 00:28:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 285E 63 KB
21 KB 136ms
96ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0667841931e4f602695141ee17c2c8a3750ac5c84664507c9d863500ffeaab1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 328 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21330
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 285E 58 KB
24 KB 195ms
144ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1079/ Frame 285E 32 KB
11 KB 164ms
59ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1079/smart.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bf749e26d36af19ea84aac2f3080184d0b7c8f88f735a51bd80c2dd53e657fb

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=178
Content-Length: 11374
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame B794 58 KB
24 KB 145ms
109ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1079/ Frame B794 32 KB
11 KB 179ms
65ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1079/smart.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bf749e26d36af19ea84aac2f3080184d0b7c8f88f735a51bd80c2dd53e657fb

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=178
Content-Length: 11374
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1569 63 KB
21 KB 123ms
110ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

3a8700993af5800782f416941eb7ca529e17807463b6dd5cd0b43b6277b01c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 363 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21451
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 1569 58 KB
24 KB 154ms
129ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1079/ Frame 1569 32 KB
11 KB 170ms
60ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1079/smart.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bf749e26d36af19ea84aac2f3080184d0b7c8f88f735a51bd80c2dd53e657fb

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 00:28:25 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=178
Content-Length: 11374
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A866 67 B
97 B 67ms
67ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1621211305435&t_start=1621211305435&t_domcontent=1621211305574&t_layout=1621211305729&t_onload=1621211305729&t_paint=1621211305729&t_creport=1621211305729&t_tti=1621211305574&lid=6963049536217500278-0

Requested by

Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://vootserial.com/mtv-ace-of-space-2-episode-23/&send=false&layout=standard&width=390&show_faces=false&action=like&colorscheme=dark&font&height=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: zt70Wd6Ui9aVHAclXkxGMGuJ3JNnan3DEqDPwqwnsFIVevkyS9VYd5sQ39UXzq4xhUjPlXLYwc/fuAX4sZSh8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 00:28:25 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021051101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E88B 305 KB
108 KB 128ms
64ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051101.js?31061153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

314ed60012f54eaf96fcc40f94424a4a44e11c3515631d1f445c3d3f7a09e3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110094
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H3-29 200 pubads_impl_2021051101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 285E 305 KB
108 KB 79ms
78ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051101.js?31061153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

314ed60012f54eaf96fcc40f94424a4a44e11c3515631d1f445c3d3f7a09e3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110094
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H3-29 200 pubads_impl_2021051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1569 306 KB
108 KB 122ms
121ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

320d8abc5842e93f8157f5b9f075ada2a06c239fb2038de60fff7461f3deb02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 08:37:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110161
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:25 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame 8680
Redirect Chain

https://adx.adform.net/adx/?mid=950937
https://adx.adform.net/adx/?CC=1&mid=950937

1 KB
1 KB

98ms
90ms

Script
text/javascript

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&mid=950937

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/300x600.php?cid=998775&type=vcid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

db16139df3d2c72ee6aa54b36b74a30bad4790b515c2ecc18e4d72df88d1df7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1012
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&mid=950937
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame D9C6
Redirect Chain

https://adx.adform.net/adx/?mid=913991
https://adx.adform.net/adx/?CC=1&mid=913991

1 KB
1 KB

92ms
89ms

Script
text/javascript

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&mid=913991

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/300x250.php?cid=998775&type=vcid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

627ca8fe602dd34a5b9aaa8e5fdf206a93ba4a9229c0aeeca2f25931f59cd706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1007
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&mid=913991
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame 7033 7 KB
2 KB 200ms
56ms Document
text/html 144.76.209.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Requested by: Host: my.cbox.ws
URL: https://my.cbox.ws/serial69
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.209.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: four.cbox.ws
Software: nginx /
Resource Hash: 3b69a1b10a9bdbd9d3a21521dfdc82fb32b212620e48874d47f524b8358331d2

Request headers

:method: GET
:authority: www5.cbox.ws
:scheme: https
:path: /box/?boxid=882155&boxtag=wvkwhx&sec=main
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.cbox.ws/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://my.cbox.ws/

Response headers

server: nginx
date: Mon, 17 May 2021 00:28:26 GMT
content-type: text/html
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, must-revalidate, max-age=5
last-modified: Mon, 17 May 2021 00:28:23 GMT
x-cache: HIT
content-encoding: gzip

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame 27F9 4 KB
2 KB 200ms
57ms Document
text/html 144.76.209.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=form
Requested by: Host: my.cbox.ws
URL: https://my.cbox.ws/serial69
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.209.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: four.cbox.ws
Software: nginx /
Resource Hash: 97b2603dd549823adcfc569b1d7558512bc366a1094e2e0c00d8faa7dd9c51bf

Request headers

:method: GET
:authority: www5.cbox.ws
:scheme: https
:path: /box/?boxid=882155&boxtag=wvkwhx&sec=form
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.cbox.ws/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://my.cbox.ws/

Response headers

server: nginx
date: Mon, 17 May 2021 00:28:26 GMT
content-type: text/html
p3p: CP="NOI DSP COR NID CURa OUR NOR"
expires: Tue, 17 May 2022 00:28:17 GMT
cache-control: public, max-age=31536000
x-cache: HIT
content-encoding: gzip

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame 36E9
Redirect Chain

https://adx.adform.net/adx/?mid=977706
https://adx.adform.net/adx/?CC=1&mid=977706

1 KB
1 KB

93ms
91ms

Script
text/javascript

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&mid=977706

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e32ca584f56aac23498ad40e266a61644c86088704a3eeb95fcadb2e32af0299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1003
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&mid=977706
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
adx.adform.net/adx/ Frame 81E7
Redirect Chain

https://adx.adform.net/adx/?mid=977706
https://adx.adform.net/adx/?CC=1&mid=977706

1 KB
1 KB

91ms
88ms

Script
text/javascript

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&mid=977706

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cdc595c147d7ab647bedca8aec5bd97bd5e246260b4bba36800d81735bd4cbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1008
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:26 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&mid=977706
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 /
www5.cbox.ws/box/ Frame 7033 2 KB
942 B 53ms
52ms Stylesheet
text/css 144.76.209.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=css&i=1579121150
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.209.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: four.cbox.ws
Software: nginx /
Resource Hash: f4b836cdc5a10aad7359f37feb31cc3ad3d5768a8e6c764663ca9d19ed343a03

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
x-cache: HIT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=10368000
content-type: text/css
expires: Tue, 07 Sep 2021 11:09:29 GMT

GET
H2 200 de.png
static.cbox.ws/flags/ Frame 7033 545 B
1 KB 198ms
67ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/de.png
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2055699
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 545
cf-request-id: 0a19527209000000fc0b317000000001
server: cloudflare
etag: "43130220-221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2iC58qCkocJd1xZ6w%2BURZhSc9Kw0kyWK0pYfNyTSaFEc6T04gPTpWgZY9zWzzJY9qNa99ZjwuquzbECjGJXuo3B8XpNu%2BGaD84ZqcfiHBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9c9a85900fc-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pk.png
static.cbox.ws/flags/ Frame 7033 569 B
1 KB 192ms
65ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/pk.png
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19851391a22a4eee0c6a3bc4b9dec8ec2ee15d0133a8f7c8844f599c261219fb

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2050272
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 569
cf-request-id: 0a19527209000000fca6b92000000001
server: cloudflare
etag: "431301a8-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8qCWZ7vAHJgg9sTHEvlaX0PrGb8Kurto95evtMkntSk3UYjWSYsQBMpoLLGxBrir%2B5auXpPHeNBlr8uYRQUipHlxIU4bOykZeF6PstfBPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9c9a85a00fc-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 us.png
static.cbox.ws/flags/ Frame 7033 609 B
1 KB 191ms
65ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/us.png
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2055714
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 609
cf-request-id: 0a1952720a000000fccebd6000000001
server: cloudflare
etag: "431301a8-261"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=StHJNdtu%2Bi%2FfDxiLkRifqx4xKP5FlFod%2BSzSlq4CgYuhDkM%2Fb009x7zVD%2FS%2Fd1kLc2%2Fyz1lWucpwzqJO0pG1ltUBj1LXHxJ2plLaWWVY3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9c9a85b00fc-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 61JB1.gif
cbox.im/i/ Frame 7033 15 KB
16 KB 63ms
26ms Image
image/gif 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbox.im/i/61JB1.gif
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebdbd2c623673a2bb7a8a1a26d08bccf65068ff31afdc653ef02ac10563c2e85

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1966850
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15567
cf-request-id: 0a1952719500004e0d3ba00000000001
pragma: public
last-modified: Thu, 10 Jan 2019 17:21:34 GMT
server: cloudflare
etag: "5c377f1e-3ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nagkiaOkiwQmSD3nWhfbw085X%2FLiIR3Bo580e7RgrqlFRYY4vwDtxRRravm5v%2BwaOfsYmFpXs%2B7zGlurNHuZE1zpjZ01558979QzanPz7fpTaysk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6508b9c8e9c94e0d-FRA
expires: Mon, 24 May 2021 06:07:36 GMT

GET
H2 200 5a1qn.gif
cbox.im/i/ Frame 7033 9 KB
10 KB 50ms
13ms Image
image/gif 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbox.im/i/5a1qn.gif
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8deb8291d7043a9c5ba902476c439fba466c7c353d60a7597fe023056168e922

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 705914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9135
cf-request-id: 0a1952719600004e0def153000000001
pragma: public
last-modified: Thu, 10 Jan 2019 17:34:06 GMT
server: cloudflare
etag: "5c37820e-23af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CfP9d7A9wPKht6fCr6FAoUnkikkXZA9D8gQoxesmrokkMv5hXKhXuL06bdnwU8TJ9doNoZ700uZPoyErRiajaTLEApx%2B%2BEwAJGgLRtvO%2FPfxZs2Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6508b9c8e9ca4e0d-FRA
expires: Mon, 07 Jun 2021 20:23:12 GMT

GET
H2 200 /
www5.cbox.ws/box/ Frame 27F9 2 KB
942 B 61ms
60ms Stylesheet
text/css 144.76.209.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=css&i=1579121150
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=form
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.209.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: four.cbox.ws
Software: nginx /
Resource Hash: f4b836cdc5a10aad7359f37feb31cc3ad3d5768a8e6c764663ca9d19ed343a03

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
server: nginx
x-cache: HIT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=10368000
content-type: text/css
expires: Tue, 07 Sep 2021 11:09:29 GMT

GET
H2 200 jsc_1593163307.js Show response
static.cbox.ws/jsc/ Frame 27F9 47 KB
16 KB 195ms
74ms Script
application/x-javascript 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=882155&boxtag=wvkwhx&sec=form
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a0bfe840910b6f2622d2a9a11ff97a2e655facd7db8fa94633607fdc082a46a

Request headers

Origin: https://www5.cbox.ws
Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2055710
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1952720c0000728d8b3b7000000001
last-modified: Fri, 26 Jun 2020 09:21:54 GMT
server: cloudflare
etag: W/"5ef5be32-40af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BS1SahJAhyxr%2Fa4lCxugT%2FRMKVSHCHL9J95GvsWmUP1Wk0Vu6zY5CHVXUzHLpOfpUG0%2FbSc1p1nJLjfgfy0CYHPQobBQi1efUSW6ZZoyng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6508b9c9adfa728d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8680 63 KB
21 KB 63ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=950937

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

3a8700993af5800782f416941eb7ca529e17807463b6dd5cd0b43b6277b01c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 447 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21451
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 8680 58 KB
24 KB 60ms
60ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=950937
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 81E7 63 KB
21 KB 62ms
61ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=977706

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

71b1381b5b1e2a3bba4d5c843daf44934b8d2272971ea5a79bc9dedd86646e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 65 of 1000 / last-modified: 1621030146"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 81E7 58 KB
24 KB 60ms
59ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=977706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D9C6 63 KB
21 KB 63ms
63ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=913991

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

71b1381b5b1e2a3bba4d5c843daf44934b8d2272971ea5a79bc9dedd86646e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 845 of 1000 / last-modified: 1621030146"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame D9C6 58 KB
24 KB 64ms
63ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=913991
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 36E9 63 KB
21 KB 66ms
66ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=977706

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

71b1381b5b1e2a3bba4d5c843daf44934b8d2272971ea5a79bc9dedd86646e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 947 of 1000 / last-modified: 1621030146"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 36E9 58 KB
24 KB 68ms
67ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=977706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-e80f"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3-29 200 pubads_impl_2021051201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8680 306 KB
108 KB 83ms
67ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

320d8abc5842e93f8157f5b9f075ada2a06c239fb2038de60fff7461f3deb02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 08:37:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110161
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 81E7 303 KB
107 KB 63ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D9C6 303 KB
107 KB 65ms
64ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H3-29 200 de.png
static.cbox.ws/flags/ Frame 7033 545 B
1 KB 135ms
65ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/de.png
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2055699
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 545
cf-request-id: 0a195272d100004c1f73a25000000001
server: cloudflare
etag: "43130220-221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XStvLGiJOucihBUoXuew3SwdMF6VbhjYsnbFBBg0M3LQIl55DtDnRe4QSwK5QVZ1X8d7bZlCM0Xhc2NUzapv2AT4VdaBZFReHrumVdsP%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9caede14c1f-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 pk.png
static.cbox.ws/flags/ Frame 7033 569 B
1 KB 134ms
65ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/pk.png
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19851391a22a4eee0c6a3bc4b9dec8ec2ee15d0133a8f7c8844f599c261219fb

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2050272
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 569
cf-request-id: 0a195272d500004c1fc62b3000000001
server: cloudflare
etag: "431301a8-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iCQCvrFvUpOFvUCeF%2BPSyfG%2Fp6wK3LJsvzHQdHJLXFXRhEFi9DWz%2BlztLzQcvCtOPp4sXiL8RY3TAdOf3ev%2BJfF3aMAT921At0LnJwGeXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9caede94c1f-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 us.png
static.cbox.ws/flags/ Frame 7033 609 B
1 KB 144ms
76ms Image
image/png 172.67.128.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cbox.ws/flags/us.png
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.67.128.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2055714
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 609
cf-request-id: 0a195272d500004c1fc91d2000000001
server: cloudflare
etag: "431301a8-261"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OtTw5Q3sgohTgwu%2FGEfOMiZwE6JLsew3j9MbvsgPwHNvFVNLpjeB%2B3gu3qc1SaYJacCPNhS24VxgMTw9FfWJfsVGRBjqitX8oOpLqWu2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6508b9caede84c1f-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 61JB1.gif
cbox.im/i/ Frame 7033 15 KB
16 KB 25ms
12ms Image
image/gif 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbox.im/i/61JB1.gif
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebdbd2c623673a2bb7a8a1a26d08bccf65068ff31afdc653ef02ac10563c2e85

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1966850
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15567
cf-request-id: 0a1952728400004e67fd098000000001
pragma: public
last-modified: Thu, 10 Jan 2019 17:21:34 GMT
server: cloudflare
etag: "5c377f1e-3ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVSJqizrl1ecAGIqgA35OaK0UBUDNJyKb8bkrxj0LvVOBqFOq5aDQhJuPFI0cScZBxoT2HDl8s7%2FuUF6AkT2nYepNodtSaFnpxBgsgZUY5pVldek"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6508b9ca6a294e67-FRA
expires: Mon, 24 May 2021 06:07:36 GMT

GET
H3-29 200 5a1qn.gif
cbox.im/i/ Frame 7033 9 KB
10 KB 32ms
19ms Image
image/gif 2606:4700:3033::ac43:c0c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbox.im/i/5a1qn.gif
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_1593163307.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c0c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8deb8291d7043a9c5ba902476c439fba466c7c353d60a7597fe023056168e922

Request headers

Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 705914
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9135
cf-request-id: 0a1952728400004e670a90d000000001
pragma: public
last-modified: Thu, 10 Jan 2019 17:34:06 GMT
server: cloudflare
etag: "5c37820e-23af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D6r6zb8X5TBW5bts8Z8BJ4r9tKcbulTzHJ%2FO5F2EN9DUwQEDONVsxNuvxQQChTDsa6P1H6W%2FFy3713wGbluW5BI4oshRj1YTYTovQpy4NT0ODFVa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6508b9ca6a274e67-FRA
expires: Mon, 07 Jun 2021 20:23:12 GMT

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 36E9 303 KB
107 KB 85ms
85ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 8680 107 B
799 B 77ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8680 107 B
313 B 33ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8680 9 KB
5 KB 207ms
204ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1027224993275446&correlator=1928988571568058&output=ldjh&impl=fif&eid=31061154%2C31060796%2C31061143%2C31060798%2C31060800&vrg=2021051201&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=44881730%2Cnewsiqra.com%2Cnewsiqra.com_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&eri=4&cdm=newsiqra.com&bc=31&abxe=1&dt=1621211306800&dlt=1621211305972&idt=826&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=0&adys=0&adks=3586010387&ucis=299n3giy6qgn&ifi=1&ifk=2380403176&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=newsiqra.com&loc=https%3A%2F%2Fnewsiqra.com%2F300x600.php%3Fcid%3D998775%26type%3Dvcid&top=vootserial.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=895136897.1621211307&ga_sid=1621211307&ga_hid=427289146&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

efde0a953f05c080a3512360d6350c660f9c9cb25eda5810a636841b29fe0f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4278
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsiqra.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8680 0
0 70ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 8680 0
0 32ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 81E7 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 81E7 107 B
122 B 30ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 81E7 359 B
371 B 151ms
136ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3711040417228725&correlator=2244116843605920&output=ldjh&impl=fif&eid=31060783%2C31060854%2C21064371%2C44743203&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=44881730%2Cnewsiqra.com%2Cnewsiqra.com_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=4&cdm=newsiqra.com&bc=31&abxe=1&dt=1621211306889&dlt=1621211306078&idt=803&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=0&adys=0&adks=867586107&ucis=w9ll8h29s0bv&ifi=1&ifk=565993865&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=newsiqra.com&loc=https%3A%2F%2Fnewsiqra.com%2F730x90.php%3Fcid%3D998775%26type%3Dvcid&top=vootserial.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=1950494563.1621211307&ga_sid=1621211307&ga_hid=1041625710&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e1edd5a3623246adeffaf0355c1d11c3104a2501574fa771a9011a3fba5028c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsiqra.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81E7 0
0 346ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 81E7 0
0 28ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ Frame D9C6 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D9C6 107 B
122 B 17ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D9C6 361 B
328 B 144ms
144ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3060032712735039&correlator=3586858916921644&output=ldjh&impl=fif&eid=31060789%2C21064369%2C21068766%2C31061023&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=44881730%2Cnewsiqra.com%2Cnewsiqra.com_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=4&cdm=newsiqra.com&bc=31&abxe=1&dt=1621211306955&dlt=1621211306008&idt=968&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=0&adys=0&adks=3389112481&ucis=v2r0twmzekef&ifi=1&ifk=3092830885&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&nhd=2&url=newsiqra.com&loc=https%3A%2F%2Fnewsiqra.com%2F300x250.php%3Fcid%3D998775%26type%3Dvcid&top=vootserial.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=262363945.1621211307&ga_sid=1621211307&ga_hid=678097152&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e982c6b1c4246ce79d24297c9f7a5e3d783e1b80aa9a50a864645010d7fda020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsiqra.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D9C6 0
0 59ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame D9C6 0
0 8ms
7ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 36E9 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 36E9 107 B
122 B 21ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newsiqra.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 36E9 61 KB
12 KB 311ms
309ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2851546031820889&correlator=135410249260993&output=ldjh&impl=fif&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=44881730%2Cnewsiqra.com%2Cnewsiqra.com_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=4&cdm=newsiqra.com&bc=31&abxe=1&dt=1621211307236&dlt=1621211306066&idt=940&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=0&adys=0&adks=867586107&ucis=wkpful45hgyl&ifi=1&ifk=565993865&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=newsiqra.com&loc=https%3A%2F%2Fnewsiqra.com%2F730x90.php%3Fcid%3D998775%26type%3Dvcid&top=vootserial.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=1474228776.1621211307&ga_sid=1621211307&ga_hid=1677021086&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

21a795fb2e2dfd075099d65647a2c7d3019413c06530efef51c6eb278bbd8764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12594
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsiqra.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36E9 0
0 62ms
15ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 36E9 0
0 7ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 416B 6 KB
3 KB 30ms
11ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsiqra.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsiqra.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 17 May 2021 00:28:26 GMT
expires: Tue, 17 May 2022 00:28:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8680 73 KB
28 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:27 GMT

GET
H2 200 /
stats.vlitag.com/abd/ 0
544 B 166ms
121ms Image
image/jpeg 2606:4700:20::681a:eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/abd/?id=2c5646d5cc9584f5c5264fd2823c1520&detect=notfound
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vootserial.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ndAsFJ8eZiv7diPvh5hZxAMh5m8Syot8xxEfb2un1D02KhB8IoJo8qldDV9NBOTZMJ%2BX9EuGidIBowp2zRvpRT3%2BdPymwQHuzufLzNF21sAPojyfKerLSJpCwOR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6508b9cfeb812b4d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a195275f300002b4d88925000000001

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 416B 0
0 98ms
89ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzYcEqrihYJSlNMTh-gbnjIfAB5Gtxbxc3ebspu4CwI23ARABIABg6eTJhdgaggEXY2EtcHViLTY5MTg1ODI0OTQwNjcwNjTIAQmpAimhg8lB6oU-4AIAqAMBqgSKAk_QETHtPYgHrwXiM0K0JBoQXoAtTCA7gVNdgZBGhQbxy1W9wvMUv1UwXFwX7LXw9fi8-5yc1H8vDCw_PnZbiuLZdAYyADrr0yFXUxQnWnvRtFx-lOGZNc5dkJlblQe0mqkozkpRpTHQpWrbvrlHTeUZqoGa6fUEwKJI9jNV878CaU8yhU7F9p0_hESPMg5WpJ_DWOGPquKK_U0Ln5RpuLvOSBzZCxhuPoacuW03eVtk5CetU1O9DfCnsgxKXHFSUr2DOGlCeKLS296UdvOpnFTgJQiUfrM_EN2kyjGpDoT6JF_BeQCcmyahPHhTtQil379DAyRhCD7sIyoa-U9lCTROTHJry-oISoP44AQBgAa50Iy_rp36zx2gBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02OTE4NTgyNDk0MDY3MDY0&sigh=jrptb0-6PEo
Requested by: Host: vootserial.com
URL: https://vootserial.com/mtv-ace-of-space-2-episode-23/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 416B 2 KB
2 KB 70ms
66ms Script
text/javascript 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=45754553;rtbwp=YKG4qgANEpQK3rDEAAHGZ8_ZfIGWzZRJKkRSNg;rtbdata=213YhU2VLU3HJE4LZ2hr9TqXwous2rXEu6wvgO6DbyXr_Zobigev-p9R9OEGyrJHIdiZDdtDjlZxugp2lrCJnfmcScN2QkxrT80PWMIHAJT8VhHD6vFF4Y98yH53VA_HbFEAViSSzcN2fQxrm6QQL-z5qmUwCyenuNFrv7inaYLAPIEfMydV4bvGpvX0AsEB9HSyZIj8IVoRx_2tDow_ifP2teoVDEuNHqWs9WmNogH8bx_s1JcHCD1eSkNiOpcjvKYvaiqLMI9w-iQ4hD3WPE87h8d_oaeBw3iI60gHGBc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C2RCWqrihYJSlNMTh-gbnjIfAB5Gtxbxc3ebspu4CwI23ARABIABg6eTJhdgaggEXY2EtcHViLTY5MTg1ODI0OTQwNjcwNjTIAQmpAimhg8lB6oU-4AIAqAMBqgSNAk_QETHtPYgHrwXiM0K0JBoQXoAtTCA7gVNdgZBGhQbxy1W9wvMUv1UwXFwX7LXw9fi8-5yc1H8vDCw_PnZbiuLZdAYyADrr0yFXUxQnWnvRtFx-lOGZNc5dkJlblQe0mqkozkpRpTHQpWrbvrlHTeUZqoGa6fUEwKJI9jNV878CaU8yhU7F9p0_hESPMg5WpJ_DWOGPquKK_U0Ln5RpuLvOSBzZCxhuPoacuW03eVtk5CetU1O9DfCnsgxKXHFSUr2DOGlCeKLS296UdvOpnFTgJQiUfrM_EN2kyjGpDoT6JF_BeQCcmyahPHhTtQil379DAyRhCD7sYSgXa4XAj0D2yj3wN6yXnpXsliGa4AQBgAa50Iy_rp36zx2gBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1DHG2BYSkjtlbb0YUBkjm2TRAr7w&client=ca-pub-6918582494067064&adurl=

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

089e65ab248bff572483d4974e67f49a8d9b79d7bcf68fc6ac78ae49df5f4833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1678
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 416B 2 KB
1 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:19:56 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 416B 117 KB
36 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:27 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 416B 13 KB
6 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 00:21:14 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 416B 22 KB
7 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 09:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 09:34:07 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 6D8F 190 KB
54 KB 114ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 227122
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 09:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 09:23:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 6D8F 12 KB
5 KB 112ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 227122
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 09:23:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 09:23:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 6D8F 87 KB
27 KB 122ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 227793
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 09:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 09:11:54 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 6D8F 38 KB
13 KB 132ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a5acacd5e3bce730eb4c433b3d04fc8445a324a8f77799cd8f3cde9be55276

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 580514
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13668
x-xss-protection: 0
server: sffe
date: Mon, 10 May 2021 07:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fba74aaf986321a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 May 2022 07:13:13 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 6D8F 27 KB
9 KB 119ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 227793
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 09:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 09:11:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 6D8F 40 KB
13 KB 133ms
33ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 227903
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 09:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 09:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6D8F 3 KB
687 B 57ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 23:51:22 GMT
server: ESF
date: Mon, 17 May 2021 00:28:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 00:28:27 GMT

GET
H3-29 200 12544579788744035556
tpc.googlesyndication.com/simgad/ Frame 6D8F 5 KB
5 KB 57ms
24ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12544579788744035556?w=100&h=100

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3942aebfd4f465e62dbd7e8d07c851dbd46bc12e7a5db935215831951ae2061f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:52:52 GMT
x-content-type-options: nosniff
age: 448535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
last-modified: Thu, 21 Dec 2017 15:47:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 19:52:52 GMT

GET
DATA 200
OK truncated
/ Frame 6D8F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b95c47d1f7c10624c2533943055819b5c795caf24f57612f743916910acaba0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D8F 2 KB
2 KB 55ms
23ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 13:14:34 GMT
x-content-type-options: nosniff
server: cafe
age: 40433
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 17 May 2021 13:14:34 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D8F 295 B
319 B 56ms
23ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 7882
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 17 May 2021 22:17:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6D8F 0
0 49ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwBk0gAd6Sv6VjlwqoiAqfwdhPsirwi7P7KYAhmljhF1WEGSptU1FDupIqS2aVzZKihDhn7NUCe3kg_oWzbRlvryg1Bg
Requested by: Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 6D8F 225 B
249 B 56ms
23ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 06:19:53 GMT
x-content-type-options: nosniff
server: cafe
age: 65314
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Mon, 17 May 2021 06:19:53 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6D8F 0
0 120ms
87ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1VHjq7ihYN7REoTB-gbi3IDIA8bchPNcz_7r3r4GwI23ARABIMSlkBBg6eTJhdgaoAHz08vTA8gBAakCzo_-MHRgtD7gAgCoAwGqBOoBT9CvhdJco-RvvZ2e6hsHFK8DzbzY4qNLbPG1-Ug5Zr5X2jVEBl0ouaQ1KfvyyguvlUmoAA-PNYn7fxT-52sprz7a4rzJ8_oNrZ_VNR9fjp03QmrCtxAvIIN48nOCVOji0QBKPcqiS3HQb7P9QM3vNfrme3gVdKtB1CBgdXc4gBLnTQ6dyw2NWZDhRFE5Ca7J9gVqtHJcV2O3037Z-EIN6TRqdkzjPBhyTz8uqSBCcWsyOcOA_l6hrg6nnkBOEV0C3IqzLq-pbA7wauxWRk-SO_Mddi_cvQzberylxlKu5ANkfM-ZzMK1hN3RwASaoNC3xAHgBAGSBQQIBBgBkgUECAUYBIAHppTnLKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxCzYNIICQiA4YAQEAEYHYAKAcgLAdgTAogUAdAVAYAXAbIXGgoYCAASFHB1Yi02OTE4NTgyNDk0MDY3MDY0&sigh=ZtFfx6gyDhA&template_id=5001
Requested by: Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6D8F 21 KB
21 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://newsiqra.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 341785
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 13 May 2022 01:32:02 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6D8F 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://newsiqra.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 341816
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 13 May 2022 01:31:31 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6D8F 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://newsiqra.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:35:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
age: 291165
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
expires: Fri, 13 May 2022 15:35:42 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 416B 35 KB
17 KB 94ms
81ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=45754553;rtbwp=YKG4qgANEpQK3rDEAAHGZ8_ZfIGWzZRJKkRSNg;rtbdata=213YhU2VLU3HJE4LZ2hr9TqXwous2rXEu6wvgO6DbyXr_Zobigev-p9R9OEGyrJHIdiZDdtDjlZxugp2lrCJnfmcScN2QkxrT80PWMIHAJT8VhHD6vFF4Y98yH53VA_HbFEAViSSzcN2fQxrm6QQL-z5qmUwCyenuNFrv7inaYLAPIEfMydV4bvGpvX0AsEB9HSyZIj8IVoRx_2tDow_ifP2teoVDEuNHqWs9WmNogH8bx_s1JcHCD1eSkNiOpcjvKYvaiqLMI9w-iQ4hD3WPE87h8d_oaeBw3iI60gHGBc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C2RCWqrihYJSlNMTh-gbnjIfAB5Gtxbxc3ebspu4CwI23ARABIABg6eTJhdgaggEXY2EtcHViLTY5MTg1ODI0OTQwNjcwNjTIAQmpAimhg8lB6oU-4AIAqAMBqgSNAk_QETHtPYgHrwXiM0K0JBoQXoAtTCA7gVNdgZBGhQbxy1W9wvMUv1UwXFwX7LXw9fi8-5yc1H8vDCw_PnZbiuLZdAYyADrr0yFXUxQnWnvRtFx-lOGZNc5dkJlblQe0mqkozkpRpTHQpWrbvrlHTeUZqoGa6fUEwKJI9jNV878CaU8yhU7F9p0_hESPMg5WpJ_DWOGPquKK_U0Ln5RpuLvOSBzZCxhuPoacuW03eVtk5CetU1O9DfCnsgxKXHFSUr2DOGlCeKLS296UdvOpnFTgJQiUfrM_EN2kyjGpDoT6JF_BeQCcmyahPHhTtQil379DAyRhCD7sYSgXa4XAj0D2yj3wN6yXnpXsliGa4AQBgAa50Iy_rp36zx2gBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1DHG2BYSkjtlbb0YUBkjm2TRAr7w&client=ca-pub-6918582494067064&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:28 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 18 May 2021 03:22:12 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6D8F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 17 May 2021 00:28:28 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 ww.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 6D8F 44 KB
13 KB 72ms
23ms Fetch
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f93971eb20623144ecae9224983c8f1c60e92a1fa8c53c5fcda79a8768532a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 235660
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13300
x-xss-protection: 0
server: sffe
date: Fri, 14 May 2021 07:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e4763b6b3af18dd4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 07:00:48 GMT

GET
H3-29 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D8F 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 13:14:34 GMT
x-content-type-options: nosniff
server: cafe
age: 40434
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 17 May 2021 13:14:34 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D8F 295 B
319 B 16ms
14ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 7883
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 17 May 2021 22:17:05 GMT

GET
H3-29 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 6D8F 225 B
249 B 26ms
25ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 06:19:53 GMT
x-content-type-options: nosniff
server: cafe
age: 65315
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Mon, 17 May 2021 06:19:53 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 416B 7 KB
4 KB 62ms
58ms Script
text/javascript 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=45754553;rtbwp=YKG4qgANEpQK3rDEAAHGZ8_ZfIGWzZRJKkRSNg;rtbdata=213YhU2VLU3HJE4LZ2hr9TqXwous2rXEu6wvgO6DbyXr_Zobigev-p9R9OEGyrJHIdiZDdtDjlZxugp2lrCJnfmcScN2QkxrT80PWMIHAJT8VhHD6vFF4Y98yH53VA_HbFEAViSSzcN2fQxrm6QQL-z5qmUwCyenuNFrv7inaYLAPIEfMydV4bvGpvX0AsEB9HSyZIj8IVoRx_2tDow_ifP2teoVDEuNHqWs9WmNogH8bx_s1JcHCD1eSkNiOpcjvKYvaiqLMI9w-iQ4hD3WPE87h8d_oaeBw3iI60gHGBc1;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C2RCWqrihYJSlNMTh-gbnjIfAB5Gtxbxc3ebspu4CwI23ARABIABg6eTJhdgaggEXY2EtcHViLTY5MTg1ODI0OTQwNjcwNjTIAQmpAimhg8lB6oU-4AIAqAMBqgSNAk_QETHtPYgHrwXiM0K0JBoQXoAtTCA7gVNdgZBGhQbxy1W9wvMUv1UwXFwX7LXw9fi8-5yc1H8vDCw_PnZbiuLZdAYyADrr0yFXUxQnWnvRtFx-lOGZNc5dkJlblQe0mqkozkpRpTHQpWrbvrlHTeUZqoGa6fUEwKJI9jNV878CaU8yhU7F9p0_hESPMg5WpJ_DWOGPquKK_U0Ln5RpuLvOSBzZCxhuPoacuW03eVtk5CetU1O9DfCnsgxKXHFSUr2DOGlCeKLS296UdvOpnFTgJQiUfrM_EN2kyjGpDoT6JF_BeQCcmyahPHhTtQil379DAyRhCD7sYSgXa4XAj0D2yj3wN6yXnpXsliGa4AQBgAa50Iy_rp36zx2gBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_1DHG2BYSkjtlbb0YUBkjm2TRAr7w&client=ca-pub-6918582494067064&adurl=;js=1;adfxid=1x;4317;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fvootserial.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b3b0a0d5433f646a25b87c475d037f9c29d767cd6e18e5d14f73c5a764deef14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3390
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 8680 35 B
487 B 75ms
75ms Ping
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1621211308617

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://newsiqra.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 push.js Show response
gde-default.hit.gemius.pl/gdejs/ Frame 416B 661 B
614 B 172ms
47ms Script
application/x-javascript 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gdejs/push.js?gdpr=0&gdpr_consent=&nc=0&tag=gde-default%2FAqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7%2Fwokshsnfwy%2Fmxkrjkeatkrvipjqppbrvyfmfbme%2Ftprilphkrt%2F%40%2F%2F
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: a17f4dfbdc98430efbfb213cee21499a8c7c276719b259531d4b8d41a54727ca

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:28 GMT
content-encoding: gzip
last-modified: Fri, 27 Dec 2019 09:29:39 GMT
server: GHC
etag: "5E05CF0300000295469C4930"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 354
expires: Tue, 18 May 2021 00:28:28 GMT

GET
BLOB 200
OK a2b60447-4ebc-4f99-b87d-dc1006a39505
https://newsiqra.com/ Frame 6D8F 44 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://newsiqra.com/a2b60447-4ebc-4f99-b87d-dc1006a39505
Requested by: Host: newsiqra.com
URL: https://newsiqra.com/730x90.php?cid=998775&type=vcid
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5e5af31d1662104ea95e544e39ada25ae087bbb585ee55cc22dfe37e229ae6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 45382
Content-Type: text/javascript

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 416B 85 KB
36 KB 67ms
66ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:28 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 13:03:07 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 18 May 2021 03:31:54 GMT

GET
H2 200 xgde.js Show response
gde-default.hit.gemius.pl/gdejs/ Frame 416B 54 KB
19 KB 39ms
39ms Script
application/x-javascript 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gde-default.hit.gemius.pl
URL: https://gde-default.hit.gemius.pl/gdejs/push.js?gdpr=0&gdpr_consent=&nc=0&tag=gde-default%2FAqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7%2Fwokshsnfwy%2Fmxkrjkeatkrvipjqppbrvyfmfbme%2Ftprilphkrt%2F%40%2F%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:28 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 06:33:51 GMT
server: GHC
etag: "60768CCF0000D7B32E93DA3F"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19239
expires: Tue, 18 May 2021 00:28:28 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 416B 35 B
502 B 57ms
55ms Ping
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=45754553&csi=7M3o27fwX2r8KHfqEbweMphu-sv31dLkvex5NgwEVgHrygPkIxxfk15kqnn79H7-NTE0O97PkrA65kYQxZzSNWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44879450.jpg
s1.adform.net/Banners/44879450/ Frame 416B 89 KB
90 KB 59ms
59ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44879450/44879450.jpg?bv=2

Requested by

Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a140676f86450885d416d2f9b0abcc61f5cd5e285424e3846dbbea12ca960b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:28 GMT
last-modified: Fri, 30 Apr 2021 11:09:53 GMT
server: nginx
etag: "608be581-164e2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 91362

GET
DATA 200
OK truncated
/ Frame 416B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6db9a944510cb14324de154c3a015725488bbf92416d5bebb27c0f1ed8d2550

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D9C6 10 KB
8 KB 57ms
25ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a44deab83211cc493592123fb3e2c15283fab24c20440ac215f6122b6cce003c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7766
x-xss-protection: 0

GET
H2 200 xgde.html Show response
gde-default.hit.gemius.pl/gdejs/ Frame F506 303 B
360 B 36ms
35ms Document
text/html 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gdejs/xgde.html
Requested by: Host: gde-default.hit.gemius.pl
URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

:method: GET
:authority: gde-default.hit.gemius.pl
:scheme: https
:path: /gdejs/xgde.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
expires: Tue, 18 May 2021 00:28:29 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip

GET
H2 200 redot.gif
pro.hit.gemius.pl/_1621211309199/ Frame 416B 43 B
154 B 49ms
45ms Image
image/gif 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro.hit.gemius.pl/_1621211309199/redot.gif?id=B8M6Ri80Jwy3EwxiWSSauWYkP6IZ267t9WEhrSlis.X.J7&extra=ext_p%3D4%7Cls%3D1%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600&nc=1
Requested by: Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Sun, 16 May 2021 00:28:29 GMT

GET
H2 200 redot.gif
pro.hit.gemius.pl/_1621211309200/ Frame 416B 43 B
76 B 49ms
45ms Image
image/gif 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro.hit.gemius.pl/_1621211309200/redot.gif?id=B8M6Ri80Jwy3EwxiWSSauWYkP6IZ267t9WEhrSlis.X.J7&extra=ext_l%3D200%7Cls%3D1%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600&nc=1
Requested by: Host: 4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
URL: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Sun, 16 May 2021 00:28:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 36E9 10 KB
7 KB 41ms
26ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

052b9eda4ea72c438b9aeb3d7dbe22f2ee9a614a35702460794f1a982f2134da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7535
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D9C6 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 81E7 10 KB
7 KB 32ms
26ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536eec5577369f700077023a0936785c5f3358b71f3bca67a85caa76ee6f169b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7603
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 36E9 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:29 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 81E7 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:29 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 36E9 35 B
486 B 57ms
57ms Ping
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1621211309306

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://newsiqra.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0B31 12 KB
5 KB 21ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsiqra.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsiqra.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 15:09:39 GMT
expires: Mon, 16 May 2022 15:09:39 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33530
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xgde.js Show response
gde-default.hit.gemius.pl/gdejs/ Frame F506 54 KB
19 KB 40ms
37ms Script
application/x-javascript 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js
Requested by: Host: gde-default.hit.gemius.pl
URL: https://gde-default.hit.gemius.pl/gdejs/xgde.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb

Request headers

Referer: https://gde-default.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 06:33:51 GMT
server: GHC
etag: "60768CCF0000D7B32E93DA3F"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 19239
expires: Tue, 18 May 2021 00:28:29 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F0F1 12 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsiqra.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsiqra.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 15:09:39 GMT
expires: Mon, 16 May 2022 15:09:39 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33530
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9DF3 12 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsiqra.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsiqra.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 15:09:39 GMT
expires: Mon, 16 May 2022 15:09:39 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33530
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B31 14 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame F0F1 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DF3 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8680 10 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ee6b077c35859cdf336938b9568bd19aa47f15eee31a168170a013ac74f350b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7626
x-xss-protection: 0

GET
H2 200 gemius.js Show response
gde-default.hit.gemius.pl/ Frame F506 38 KB
10 KB 35ms
35ms Script
application/x-javascript 185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/gemius.js
Requested by: Host: gde-default.hit.gemius.pl
URL: https://gde-default.hit.gemius.pl/gdejs/xgde.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: 9f760f4c6337499943376592f9c4ada700be2403e31539872457c5fdc5ddcb8a

Request headers

Referer: https://gde-default.hit.gemius.pl/gdejs/xgde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 12:13:09 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10484
expires: Mon, 17 May 2021 12:28:29 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8680 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051201.js?31061154

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 00:28:29 GMT

GET
H2

200

redot.js Show response
gde-default.hit.gemius.pl/__/_1621211309523/ Frame 416B
Redirect Chain

https://gde-default.hit.gemius.pl/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D1%7...
https://gde-default.hit.gemius.pl/__/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D...

2 B
173 B

35ms
35ms

XHR
application/x-javascript

185.11.128.202
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://gde-default.hit.gemius.pl/__/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600%7Cxref%3Dhttps%3A%2F%2Fvootserial.com%7Ctq%3D1&lsdata=-NOTSUP&href=https%3A%2F%2F4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&ref=https%3A%2F%2Fnewsiqra.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.202 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-202.dataspace.pl
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Sun, 16 May 2021 00:28:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
server: GHC
access-control-allow-origin: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1621211309523/redot.js?id=Aqg1lGuVeVViDCHVW7gpHJQJXmEuGKMHb7.fniPzdjz.D7/fastid=mxkrjkeatkrvipjqppbrvyfmfbme/stparam=wokshsnfwy&extra=ls%3D1%7Ctpb%3D0%7Cifr%3D1%7Cifrv%3D100%7Cifrw%3D300%7Cifrh%3D600%7Cxref%3Dhttps%3A%2F%2Fvootserial.com%7Ctq%3D1&lsdata=-NOTSUP&href=https%3A%2F%2F4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&ref=https%3A%2F%2Fnewsiqra.com%2F
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 16 May 2021 00:28:29 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 57FD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsiqra.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newsiqra.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 15:09:39 GMT
expires: Mon, 16 May 2022 15:09:39 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 33530
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6D8F 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCDuje0-8s7530KTB7o-wUVXQnIIhBtiUxKrOu6f5vC4bY9sNvd2CKo7LoGa2OAai4HQxu6XkjfNkBFpGbz8tuBqtwprFn4J4LViOMbLhsjf53ne7l260RSjLMkg&sai=AMfl-YS1gF6md6gGJHtFhsaJx3r7cs69durOKyFowvW7vzOuhpucMECn7BQMxMZMhOc4-p4bT3pmznzt3newInI7GpK2wuUDq_w47MI&sig=Cg0ArKJSzBVG4iMXESK7EAE&cid=CAASF-RoJ29hJ0UQvZpSyPCr5CjRQXc3e0VH&id=ampim&o=0,91&d=728,90&ss=1600,1200&bs=728,90&mcvt=1030&mtos=0,0,1030,1030,1030&tos=0,0,1030,0,0&tfs=470&tls=1500&g=100&h=100&tt=1500&r=v&avms=ampa&adk=867586107

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 57FD 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 40229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 13:18:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E7 0
437 B 72ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=3711040417228725&bg=!RkWlRQHNAAY59bwoOfU7ACkAdvg8WiiBxqJ9rdK4rU0lm4H96AfnKt-pW8DFOAc1nilWtusDvdJm7QIAAAGEUgAAACNoAQcKAEZpFI8PSL2vYRvubxr83a1dZWQILlm7EZGhvQM0TURtWnNvPOT6gquXCMpI1sG9H9Yj90MKS2-r3qmGXluD1PrZkU6yioWvmQJvfNA28oGiGK4JzHd4ZXRubc5ywu4JItUHY0NvMnh6jSuZSbunElF_UWGim0fVpBE_2nr7KN0yGLUG9Iw9sBKPoJ7aH7peIMgCw05yKBAmlPk-9qUTnVrlH_MxFTUG4Y4HTJY7l_iZmiCU6p2KB_hKYGtE4N4QAH0IY69cbDbC_dpgatMyYkh9J5MoaWQ7OyZoKv8dHiyceJKzdNynm1cO-lhjcfEJ_UtzUJYcPcAxOONIXA_4jTFqFRfrKn0frwvBGEf49vb8Ste6_CFHxGXN2_1k5iNhDepUzu_uoaWqBNA414EoARGZXxqp12T_yH3zgKBxolTp2FcQAALQ92sCT3Ir3LVy0OPODD-LIddGzNbqQK7Z2TrrvOBIC6f4PR1bdljFHQ4i-At8r_bHzbGa3PAFNrxglOtNmMYNf2LX_IU6eKPiehJme1wquH2uBPS8jUp5cYgnAge-3MhQwvicC4oSkeY106G08yGUOPwIKyqFln-D3slwG4MnmHTNYjmATW4yV9NThtx-aAX1wC4RKc9bfjnmT6OqKfQ7LbMVBLdQwW5K5y2Gs5kszLYo2aAb0jSHSQjOFq6-qdqDwqyLiLLEl7ONzSvBp_56OcBXsRbnXn9wk2vBk5-J6lsvmEhuvqbI6xpPA3K0ydxEcxPPcHd4tThQg9kgJbFtHOIauQDlVhdyXM_U9cwXD5UV0h0n7VFRCJkl8Pil0t8nUXh7hwecWGiKRmOOrPEdS-pG9BfrU6U7NXbHJt1TfaM6LmG5ABn5jW5jOEEcQLkJKiB5Dn_ZyjL79xQBB7VTXRtJEoahP0V9ymRPT-5iSigFiJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 36E9 0
56 B 56ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=2851546031820889&bg=!qKulq-_NAAY59bwoOfU7ACkAdvg8Ws3qcKoDsCcsBtHzyGtseLR5SBx3v0qTkDvH_WSCrkUlP7kGqAIAAAGCUgAAABhoAQcKALre047y_aoLKSE0ByQ-RwQXxiRwlmEIoFwZHFgmQyOvBciQR-6AVrtAsEenx2vME0yq6a30jp_wQHLUwCFPPYtyW4nwATxEzah251CchVfcN2TX21XRXxqkfWe33nYSUetmOXwPRj46a_mUhqZZvAf95uxZo7XGtEqshMGjDYIZcvVb6AYfq5udPE_nh5WBb1qfoVs2QIFTsjI6L3czIizwasjOo6X8fF572jw0R-MXS-sFyB7YAKMaZPiZAlh58jzc4lfRZLVB-s6_AsPoDmqyVIHJoaEz-jfMc77fNCYwuZ3PcBKdsJf8K6j1A487DTF76iVoRNCMSoMbsLdjjEutISRs9PxpiLPDgoZPztKt6mzd8HA2fGBuSGvWEW-7ymoPYIiisy1a5OnPphABYFABVD7r7107MHhkb0bmK8AQx15_rwZboIF08a6jwPHD8WHGqDUrjpJG3dlt_ZMH0yY1s2_KpAwj9uakz1E63nE5Z9VEjgEf8MyQ1r9TrDyXuTNyQM9I3wBQMyc4YNF7VbK-nvCosKqb82kEaAC5L3KO87HOKa5MCP-NUoV9aBpXu9JLWDr2IIQ_ha51u2YftcCQ3NIpB5TcsgDlz3eE9oUuMrE6UGSrA8tYwFj4kL-vnfOey6yu4G1VCUwWQL8ccG3hvZQtoNbAO-gw97dVEN7lJjS5crMC-M7TyH_Eb7PGDxP42MvTCF-ggcV2Dn0fOiotJBqT9jKEodWP8ps17qh0aAdnPAmxxyy6v0qG3rgkKn-NpvM9CeGBKlk6kZIvCu8p8Ah4UThme3WA2rF_am9toTiQOvb8K2ZK_mfjTLY2pxImbpJuVDuOm7XP7v8xXYhhJptPFrWz2kIqd2Aanzz6pvWLp9VT1XeDSUtYEqK3sDtT6x68Q6zP8icC3ZrNMK196Djkv2ggRGfl5NhELuQ1JgEDBVxuDEM-yVoeHeEzVv1ZdLburJAsYIuknTI_5I82a1XiMKcusC3MQ0G9LwEAkj5L3tiXMsCq2rquipiMGjesDdaLGLsvEsnDo1yjC6EVRrCpVEk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9C6 0
56 B 54ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=3060032712735039&bg=!zc6lzorNAAY59bwoOfU7ACkAdvg8Wk5zuXaS-mlWVjY6MM8I4Kr6p6z2vjzZX2dd__nhwNfswxnCbgIAAAGlUgAAABloAQcKABUxtTInL8itcyz75OyDQyIL1M5f4zKZAm2EJQQdrMFCAeg50KAMk0I8NzvClyz8ZTFPncHT4mTnwukDnLpbQAEtdcbnWL-qS7AY2l1Yn6xNtZYlugPzIfnBlVjJrfFH3Z8Q5wuO8Z7ElOVLBVD7QBJly8h_X9uqBLiVGzBHbOA1s2G1rlB93D9w7hWjfN4wQVPXlzgZK5yXaSteQIk9vthrf6h_6D4jfcRIHGjaReNho6c5Jq_e6FWqit9JsAjB_XDdfCfOOQk0IEEA-4ecjP9sA7jeG_b4pOT8Q5GFRYhmg1rht7BAf3v6UMTZIEpNjGEj4Ve1Glx_I3KkKsscEUFl8O8FoG5HT2NjGycM5qMqXisEAFYZN-8ykeFw4ZFo_S3Lbrt_YW3DOMquxqw-GZRnGqdmsPKM1LAcwJfwCwT6tVz8g4v3UHXyM2bs8GDVLCLSkV_RDQTiPLUn5y_AlGZ9fVxf_kdr1d9YBdCCX9RZ7kylhBuMaa3VCEnHsFSNcgi2a0bMJR0Zf6R40KsCijEaUIjilLo477-hKWIxJkqsKhvC-R_evWIIfswwkCRMvbqzspODx_9oowQvqcC04p2RX3TAIL-s6Efh3v9IlzOG5feA0hcPkEkWwujb2Ket5EySin79EiOGaOE6Ta7w1kzvRkrPgQnCsvxH8PfuuOAA7EsNJBiO_72W3ruH4g-F6yI7dnUVtYtqOQ3BcOF0VQqOKuRWuzsABPXSCTRcNBlOVv7yshCJV7_2VuKFaI2J1OCZRLOhjFxqkRfA7a6flgArMZWTxI7W52_vYkXqAgJsH7aux3yhZnH4Ac646cNHUjseU8QDtOEKUf6vup_NpVTTJAOM_m4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8680 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051201&jk=1027224993275446&bg=!i4iliMzNAAY59bwoOfU7ACkAdvg8Wt-B23toGpmz6FfJobhtPMshDc_0oVtRIgsbJABuWdqWkIsJnQIAAADWUgAAABJoAQcKAHAsiLFrYlUNBzeMQSQNpd6Ax3m5iEo_8_w1VWbQWRSNO-UzsiUUXJhBzfZxIMXKgT6zRKuflh1Xw34mTBOKdmG9af58ln52xSeXEoEF51lYYy0ReFB5SBnkYjLSluzKifoLnPGnMIR6ITC-mF0DdVbWmQJyUifaKDl0DMoF2x61rRdREBzbWIZQQpnLUrB4nB9eCbDeN69F8lTlytFrRyXmUxWSfgGl8efuQN42ngiiHG4Pf5buMPG8bO6KuvzOPM4eSI0wPXMYfcQZZcK872xTdWsp9z-U5oRiRyBUWPUa4BBVkdMa-u8oB8mwtvtEmDBzmk8HKRkhLDbJ5DttV59dobnMkH2UBz-Tc1QW6-V_UvlELDYLcIIbId5Nw6wxfCEELX1FDlAO1Jw9FwtUUwFK7UW6UyqB0qHJA-9dpSd8kKwflSDd5skT6W26mZTy733iuupkKAVoETetWpY5WAPETMjcI6XEaywzUz0KtuTd_9ZasM82DR8RY1ydMkQ7OZXvLt9i15sgpi-iSrin24_ms96OsUqzbGc5BcR9oYrH1d3e_ZmnQ2QmqfqMsteqgW-SgalBqo_N2aJh8Kom7rJ2ps6DSz3LgQP0OG6RYEW3QSrYoBC9habz2zgDd0uTJ6j-y7r-SVTfojMnBsSz4W32WzDl_coaCefCR1c5V5JZQixPrNu19MBDzfLtEvEP5Vt-sAKZ48lLHqJa-PG_59OS5FcfHrdBTX8SLjz0CG_HBGw8jo_WduaGNMN2qL68Y_e0BKXBwjFOvn1QYVcuuwKGexSEGMRoyLUHZ-eUa9XTmFDaP_9ODptPZCsLpySPlMNDsXFnaEpy0uvqZYED4K1j-GXATwOsQ9C9vChLI0gW0Lo99NrfLE7EslEJWtd8xQtcoapH1LuA_J1pyK7lC4YuDKfMdLWTnstWqxIsiDd5JDY6zBLTrp-bK-jjFiqr0TUPiY9JT03T_SB6fOh0T0Mo7xySUJI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 416B 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMjIRz83sWvzWjaKesR5XLoXsjIq0AMVb0apOBKVQREhdlSxuwQ6BQ1uFAObla-KfJcR5bBbIwQHRT49bdLdrLJd_muMl2Bw&sig=Cg0ArKJSzMYt0R7j32O2EAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&app=0&itpl=20&adk=3586010387&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621211307436&dlt=0&rpt=1754&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 416B 35 B
502 B 56ms
56ms Ping
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7447812070069368716@@45754553,8808845009047594019,75|1199|0|0|0|0|0|0|0||84|1|1|60a1b8aa000d9b990ae01857d3081e5f_1|||1|0|0|dJcg-S6ynjRX7EYoWZQhUV9Oaq5r3ksUGoBWi2tZmL67x11L0UmUJMkllzAqADQrA7z_uuw_WOM1|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 416B 35 B
294 B 57ms
56ms Image
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=45754553&event=178&time=2&baid=44879450&name=Viewable%20impressions&imprid=8808845009047594019&icid=7447812070069368716&eData=7M3o27fwX2pwzuU7HiY0z0LefXOBh2p24fn4X_ACi5jZWx_kh7zqR9YT00kEA0y0cxjz1_EvK9Uau94oJsHc8Q2&rtbdata=213YhU2VLU3HJE4LZ2hr9TqXwous2rXEu6wvgO6DbyXr_Zobigev-p9R9OEGyrJHIdiZDdtDjlZxugp2lrCJnfmcScN2QkxrT80PWMIHAJT8VhHD6vFF4Y98yH53VA_HbFEAViSSzcN2fQxrm6QQL-z5qmUwCyenuNFrv7inaYLAPIEfMydV4bvGpvX0AsEB9HSyZIj8IVoRx_2tDow_ifP2teoVDEuNHqWs9WmNogH8bx_s1JcHCD1eSkNiOpcjvKYvaiqLMI9w-iQ4hD3WPE87h8d_oaeBw3iI60gHGBc1&rtbwp=YKG4qgANEpQK3rDEAAHGZ8_ZfIGWzZRJKkRSNg&rnd=921812167

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 416B 35 B
502 B 56ms
56ms Ping
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=7447812070069368716@@45754553,8808845009047594019,75|4500|0|0|0|0|0|0|0||314|1|1|60a1b8aa000d9b990ae01857d3081e5f_1|||1|0|0|dJcg-S6ynjRX7EYoWZQhUV9Oaq5r3ksUGoBWi2tZmL67x11L0UmUJMkllzAqADQrA7z_uuw_WOM1|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 00:28:33 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 recache.js Show response
s1.adform.net/banners/scripts/recache/ Frame 8680 314 B
538 B 58ms
57ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/recache/recache.js?1621211316532
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: afcb4e1c13a5726aaaaab486e21bb685b68794b4caa07b6642ed3cae1967c6a3

Request headers

Referer: https://newsiqra.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:28:36 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 15:01:38 GMT
server: nginx
etag: W/"609d3f52-13a"
x-cache-status: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vootserial.com/	1970-01-20 03:05:47	Name: HstPt4292657 Value: 2
vootserial.com/	1970-01-20 03:05:47	Name: HstPn4292657 Value: 2
vootserial.com/	1970-01-20 03:05:47	Name: HstCns4292657 Value: 1
vootserial.com/	1970-01-20 03:05:47	Name: HstCnv4292657 Value: 1
vootserial.com/	1970-01-20 03:05:47	Name: HstCmu4292657 Value: 1621211305340
vootserial.com/	1970-01-20 03:05:47	Name: HstCla4292657 Value: 1621211305359
.cbox.ws/	1970-01-19 18:20:13	Name: __cf_bm Value: e5214471b450a983ae962697e1be7d821a446601-1621211306-1800-AbQP23hdOl3UAxOS5GVxnvF1FiiA/cKUObl+y+nhaSfa9lbq2J0ltmAz8Grb270pBOuRZVBUGIT6XQBZOknSE9Q=
vootserial.com/	1970-01-20 03:05:47	Name: HstCfa4292657 Value: 1621211305340

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.jsdelivr.net/gh/vli-platform/adb-analytics@77bebb/v1.0.min.js(Line 7) Message: [ABD] start beginTest
console-api	log	URL: https://cdn.jsdelivr.net/gh/vli-platform/adb-analytics@77bebb/v1.0.min.js(Line 7) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://cdn.jsdelivr.net/gh/vli-platform/adb-analytics@77bebb/v1.0.min.js(Line 7) Message: [ABD] exiting test loop - value: false
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://newsiqra.com/730x90.php?cid=998775&type=vcid

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4ccc2895e9fd0ba65d0260e96e9a4bdc.safeframe.googlesyndication.com
7ad19d6bb7067792b5966a896abb8619.safeframe.googlesyndication.com
867f9986c20444b707fa7a3d83a5d3e7.safeframe.googlesyndication.com
adservice.google.com
adservice.google.pl
adx.adform.net
ajax.cloudflare.com
cbox.im
cdn.ampproject.org
cdn.engine.4dsply.com
cdn.jsdelivr.net
ced.sascdn.com
downloadvid.xyz
engine.4dsply.com
f58f211db64af06729eb939ccae2ca42.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gde-default.hit.gemius.pl
googleads.g.doubleclick.net
i.imgur.com
my.cbox.ws
newsiqra.com
pagead2.googlesyndication.com
pro.hit.gemius.pl
s1.adform.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.cbox.ws
stats.vlitag.com
tpc.googlesyndication.com
track.adform.net
vootserial.com
www.facebook.com
www.google.com
www.googletagservices.com
www5.cbox.ws
104.149.136.190
144.76.209.249
151.101.112.193
158.69.251.190
172.67.128.112
185.11.128.202
2.16.186.113
216.58.212.130
2606:4700:20::681a:eee
2606:4700:3031::6815:237e
2606:4700:3033::ac43:c0c1
2606:4700:3035::ac43:a656
2606:4700:3038::6815:eae9
2606:4700::6810:9f11
2606:4700::6810:a823
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a03:2880:f130:83:face:b00c:0:25de
2a04:4e42:1b::621
37.157.5.73
37.157.6.241
46.105.201.240
029b71f52d3a782a56a36219ddc27d48671471737a84f77b97186751a974a9b9
052b9eda4ea72c438b9aeb3d7dbe22f2ee9a614a35702460794f1a982f2134da
0667841931e4f602695141ee17c2c8a3750ac5c84664507c9d863500ffeaab1d
089e65ab248bff572483d4974e67f49a8d9b79d7bcf68fc6ac78ae49df5f4833
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c6676edb6a480947e8347cfa5b1b4ae63428d69daa309a55fb8431e772254a3
110eeb66c541a5c52df5bbd8a48008f65087684f52731da1260b75a587623be9
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
16ec1c23e6425bc0e544a2678fdefda3aaaad3962aeb0992f93a3653988f0ccd
19851391a22a4eee0c6a3bc4b9dec8ec2ee15d0133a8f7c8844f599c261219fb
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f93971eb20623144ecae9224983c8f1c60e92a1fa8c53c5fcda79a8768532a3
1ffaf7c388b4e0ce12333021c141d068ebcd19b1db2586bebd8dd2f3496c3224
21a795fb2e2dfd075099d65647a2c7d3019413c06530efef51c6eb278bbd8764
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f863c9c6bf5da6142dd422ebc55635e48d514a5a12aa85b94a2453147d735c8
30a5dbf7c7a2e07707020f8d1883b93f94692bcf230acccc49b2677ce66e842f
314ed60012f54eaf96fcc40f94424a4a44e11c3515631d1f445c3d3f7a09e3e2
320d8abc5842e93f8157f5b9f075ada2a06c239fb2038de60fff7461f3deb02f
3323814006fe6739493d27057954941830b59eff37ebaac994310e17c522dd57
34cf09403dc06bad173e24d991e275fca7aa399bacd7b158a4270fd00dc4c8e3
35c414eb8ef826c3f17a8a4e80f573133c649ab8171c45bd17fbbe3925c668a7
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
37c440a96db1edfbe9a45a40a9157cdec37555189cca97f608dded6ef9b2437d
3879df3ee782fe23e021e67c948df57f43d3a659393abd35e897da66316e6ffb
38dd9a5575139247ec6290b29334ef6b1986eed64ab74f15b289c886865a4d5f
3942aebfd4f465e62dbd7e8d07c851dbd46bc12e7a5db935215831951ae2061f
3a8700993af5800782f416941eb7ca529e17807463b6dd5cd0b43b6277b01c38
3b69a1b10a9bdbd9d3a21521dfdc82fb32b212620e48874d47f524b8358331d2
3ee6b077c35859cdf336938b9568bd19aa47f15eee31a168170a013ac74f350b
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48fda187e5369aa77a59bbf923d45524a9f4f4b0923032a9f6548f913a5c6968
492d6ee72205f7b0afc357c1f6fc6b99c15bea2b80c0b0da87d9c549b4939908
4a0bfe840910b6f2622d2a9a11ff97a2e655facd7db8fa94633607fdc082a46a
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4ebedd1a27c89ac73c80fcedb45b4682b7105ff8061541ff64a170c8ad53ef6c
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
536eec5577369f700077023a0936785c5f3358b71f3bca67a85caa76ee6f169b
5595f21aa09842967c685c66ac746943ae17ae9a5fe4e83e571424956fcb124d
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b4fa7a55fd393b7c4ebfbb0a03a36da71baabaf7855707c6732757d9a93e4c2
5edd3972c9d54d03135a136041ef2e7ce1bdad0dbca86f47dcfabf0a191f8403
5f7b638ba1566fca8c3e0c0f15d48c2032f08dc926ff5d6c5f31952a955ad017
627ca8fe602dd34a5b9aaa8e5fdf206a93ba4a9229c0aeeca2f25931f59cd706
6330d93c38185b92516fd8bdb7220ff136b6817c2ef101ed7d822e122066240b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b95c47d1f7c10624c2533943055819b5c795caf24f57612f743916910acaba0
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
71b1381b5b1e2a3bba4d5c843daf44934b8d2272971ea5a79bc9dedd86646e7c
72014c6d61e7ffc04c67aebc39e08f72e22254e09d4ff26ac819162e1519ce06
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7bf749e26d36af19ea84aac2f3080184d0b7c8f88f735a51bd80c2dd53e657fb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849b67cd71f5a9b19a55eee26c2035a9ed95ed5495559a889f4203eee713b497
856cf4caca7042e9161fe703759a2233b6fcac0e636e26c12774acef8c47c270
8d5e5af31d1662104ea95e544e39ada25ae087bbb585ee55cc22dfe37e229ae6
8deb8291d7043a9c5ba902476c439fba466c7c353d60a7597fe023056168e922
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
97b2603dd549823adcfc569b1d7558512bc366a1094e2e0c00d8faa7dd9c51bf
9bb78f632f67780c00b07e1164aec256155ae77de114a65df8dd39f8088cd83c
9f760f4c6337499943376592f9c4ada700be2403e31539872457c5fdc5ddcb8a
a140676f86450885d416d2f9b0abcc61f5cd5e285424e3846dbbea12ca960b73
a17f4dfbdc98430efbfb213cee21499a8c7c276719b259531d4b8d41a54727ca
a44deab83211cc493592123fb3e2c15283fab24c20440ac215f6122b6cce003c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51173bcf821962d2d61eca13749e03395030fb1fee454813dbd84fda761e9da
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa528f5b50e7375a48a56bd76602aa52b6294e1b16d8140f5917cbc79a4694cd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afcb4e1c13a5726aaaaab486e21bb685b68794b4caa07b6642ed3cae1967c6a3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b3b0a0d5433f646a25b87c475d037f9c29d767cd6e18e5d14f73c5a764deef14
b97f0890ed14a0813582d2a018a9bb11b4c24ab1724c40102feee75e2c063ef1
c1a576c9135aeb57c2609f7941cbaf59ca03e469e73a1f527a3870c484903c8b
c286d51921c7df7302b1ffbd0f8287149a60533a9742bae745d6aa66e6a2ace0
c486f2937d03ed5803beedd23794eca83f23bd239f29f488cc6a2bc40e8e1ac2
c5a5acacd5e3bce730eb4c433b3d04fc8445a324a8f77799cd8f3cde9be55276
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c89d5f07c2803888e857667bdc084996ede9223b5dfdf990ffee6c2668358be1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc595c147d7ab647bedca8aec5bd97bd5e246260b4bba36800d81735bd4cbc7
cef41d3435d61780099da1457e3d78457df25504b4c335caed786aec5b971266
d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c
d6db9a944510cb14324de154c3a015725488bbf92416d5bebb27c0f1ed8d2550
db16139df3d2c72ee6aa54b36b74a30bad4790b515c2ecc18e4d72df88d1df7b
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1edd5a3623246adeffaf0355c1d11c3104a2501574fa771a9011a3fba5028c5
e25b605ba1adfb5e38e4342ead7253da4b9ab9871b3c22ebb26ee6b624dce4eb
e32ca584f56aac23498ad40e266a61644c86088704a3eeb95fcadb2e32af0299
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e982c6b1c4246ce79d24297c9f7a5e3d783e1b80aa9a50a864645010d7fda020
ebad2b0f58e6a15900e508c173d17681d2abb4a3fcd81fdd5cc512365a696a7c
ebdbd2c623673a2bb7a8a1a26d08bccf65068ff31afdc653ef02ac10563c2e85
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efde0a953f05c080a3512360d6350c660f9c9cb25eda5810a636841b29fe0f30
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f488f0041880c71ccc3c75b6310c94b4846d602d2958ab65280562e884960a13
f4b836cdc5a10aad7359f37feb31cc3ad3d5768a8e6c764663ca9d19ed343a03
f5a420a4e3243dc6a5a6e9bc1aedc3978c8122e39922fc83693cb6a99191fa56
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f95cc09459267d57ccb2f1cc53f1f25db32098bc4197442c933991e85f0feb1a

vootserial.com Open in urlscan Pro 2606:4700:3035::ac43:a656 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

187 Requests

97 %HTTPS

68 %IPv6

23 Domains

37 Subdomains

34 IPs

6 Countries

2500 kBTransfer

6130 kBSize

8 Cookies

21 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vootserial.com Open in urlscan Pro
2606:4700:3035::ac43:a656 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

97 %
HTTPS

68 %
IPv6

23
Domains

37
Subdomains

34
IPs

6
Countries

2500 kB
Transfer

6130 kB
Size

8
Cookies

187 HTTP transactions
-3 data transactions