urlscan.io logo urlscan.io
SecurityTrails logo

mustsharenews.com Open in urlscan Pro
2606:4700:20::ac43:49fe  Public Scan

Go To Rescan Add Verdict Report
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Submission: On March 29 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 13 countries across 90 domains to perform 827 HTTP transactions. The main IP is 2606:4700:20::ac43:49fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is mustsharenews.com. The Cisco Umbrella rank of the primary domain is 379254.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.
This is the only time mustsharenews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
53 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:600... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f02... 32934 (FACEBOOK)
3 2.18.233.180 16625 (AKAMAI-AS)
1 2.21.20.197 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
1 51.89.7.110 16276 (OVH)
1 5 47.74.174.177 45102 (ALIBABA-C...)
33 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
40 142.250.181.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 34.98.64.218 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
22 185.86.138.16 201081 (SMARTADSE...)
1 23.32.59.34 16625 (AKAMAI-AS)
1 34.107.148.139 15169 (GOOGLE)
8 52.19.104.156 16509 (AMAZON-02)
4 3.123.205.63 16509 (AMAZON-02)
2 8 185.33.221.52 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a03:2880:f12... 32934 (FACEBOOK)
5 192.0.77.2 2635 (AUTOMATTIC)
8 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
6 76.223.26.175 16509 (AMAZON-02)
10 15 3.33.220.150 16509 (AMAZON-02)
6 34.98.67.61 15169 (GOOGLE)
4 10 104.21.58.221 13335 (CLOUDFLAR...)
5 5 185.33.221.88 29990 (ASN-APPNEX)
42 143.204.98.28 16509 (AMAZON-02)
6 142.250.185.230 15169 (GOOGLE)
148 2a00:1450:400... 15169 (GOOGLE)
14 23.205.235.133 16625 (AKAMAI-AS)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 151.101.2.49 54113 (FASTLY)
10 54 142.250.186.66 15169 (GOOGLE)
5 6 159.122.14.34 36351 (SOFTLAYER)
3 35.227.252.103 15169 (GOOGLE)
4 5 198.47.127.19 3257 (GTT-BACKB...)
4 5 69.173.144.139 26667 (RUBICONPR...)
8 8 213.19.147.44 3356 (LEVEL3)
8 2.18.235.40 16625 (AKAMAI-AS)
3 18.168.215.250 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
5 5 69.173.144.138 26667 (RUBICONPR...)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 4 52.94.222.140 16509 (AMAZON-02)
4 7 2001:678:cb4:... 56396 (AMOBEE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 13 185.29.134.244 30419 (MEDIAMATH...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
5 6 18.194.56.109 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
5 7 37.157.6.253 198622 (ADFORM)
12 143.204.98.56 16509 (AMAZON-02)
4 44 13.248.245.213 16509 (AMAZON-02)
5 6 2620:116:800d... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 72.251.249.14 29791 (VOXEL-DOT...)
1 185.86.137.122 201081 (SMARTADSE...)
4 185.29.134.245 30419 (MEDIAMATH...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 209.54.180.144 16509 (AMAZON-02)
1 1 50.31.142.127 23352 (SERVERCEN...)
2 78.46.90.238 24940 (HETZNER-AS)
2 2.18.233.201 16625 (AKAMAI-AS)
1 4 46.4.10.47 24940 (HETZNER-AS)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
10 37.157.5.142 198622 (ADFORM)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
31 37.157.6.236 198622 (ADFORM)
1 4 66.155.71.150 13768 (COGECO-PEER1)
2 2 18.196.142.162 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 51.75.86.98 16276 (OVH)
1 1 35.156.221.172 16509 (AMAZON-02)
2 2 52.31.243.45 16509 (AMAZON-02)
1 1 3.233.223.17 14618 (AMAZON-AES)
2 2 3.124.17.200 16509 (AMAZON-02)
1 1 54.163.96.140 14618 (AMAZON-AES)
3 138.201.63.116 24940 (HETZNER-AS)
1 1 44.200.208.73 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 18.184.108.74 16509 (AMAZON-02)
3 3 3.65.16.69 16509 (AMAZON-02)
1 34.193.68.63 14618 (AMAZON-AES)
1 2 3.104.87.238 16509 (AMAZON-02)
1 2.18.235.93 16625 (AKAMAI-AS)
1 9 2.18.234.21 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
1 1 52.34.128.225 16509 (AMAZON-02)
1 1 23.88.75.189 24940 (HETZNER-AS)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 154.59.122.79 174 (COGENT-174)
11 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 198.47.127.20 3257 (GTT-BACKB...)
3 3 51.210.112.63 16276 (OVH)
2 2 52.30.140.199 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 35.210.178.101 19527 (GOOGLE-2)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 3.228.229.208 14618 (AMAZON-AES)
2 2 51.178.20.139 16276 (OVH)
1 185.64.190.81 ()
827 98
37    2606:4700:20::ac43:49fe (United States)

ASN13335 (CLOUDFLARENET, US)
mustsharenews.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
53    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
13    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.21.20.197 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-197.deploy.static.akamaitechnologies.com
ced.sascdn.com
10    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    51.89.7.110 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p23.id5-sync.com
id5-sync.com
5    47.74.174.177 (Singapore, Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
adnetwork.adasiaholdings.com
33    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
www.googletagservices.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
40    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
googleads4.g.doubleclick.net
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adasia-d.openx.net
u.openx.net
1    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
22    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    52.19.104.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
4    3.123.205.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
9    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
8    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
47    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
de1-bid.adsrvr.org
15    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
6    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
10    104.21.58.221 (None, )

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
5    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
42    143.204.98.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-28.fra50.r.cloudfront.net
choices.truste.com
choices.trustarc.com
6    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
148    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
54    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
6    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
8    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    18.168.215.250 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
geo.moatads.com
mb.moatads.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    2a05:d018:d29:3601:d472:fadb:5355:a85e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
triplelift-match.dotomi.com
13    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a05:d018:24:b002:fd0c:6a07:bd55:e3a8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
6    18.194.56.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
12    143.204.98.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net
ib.3lift.com
44    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    50.31.142.127 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal9000.redintelligence.net
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
10    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
31    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    18.196.142.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-142-162.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    35.156.221.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-221-172.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
2    52.31.243.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-243-45.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    3.233.223.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-223-17.compute-1.amazonaws.com
sync.ipredictive.com
2    3.124.17.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-17-200.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    54.163.96.140 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-96-140.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    138.201.63.116 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
1    44.200.208.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-200-208-73.compute-1.amazonaws.com
sync.hgrtb.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    18.184.108.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-74.eu-central-1.compute.amazonaws.com
sportradarserving.com
3    3.65.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-16-69.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.193.68.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-68-63.compute-1.amazonaws.com
rtb.adentifi.com
2    3.104.87.238 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-87-238.ap-southeast-2.compute.amazonaws.com
sasinator.realestate.com.au
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    52.34.128.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-128-225.us-west-2.compute.amazonaws.com
www.storygize.net
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
1    85.114.159.93 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
2    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    3.228.229.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-229-208.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
148 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 316
1 MB
108 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 118
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
917 KB
104 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 61
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 246
stats.g.doubleclick.net — Cisco Umbrella Rank: 163
ad.doubleclick.net — Cisco Umbrella Rank: 223
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 332
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
455 KB
60 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 875
ib.3lift.com — Cisco Umbrella Rank: 1631
eb2.3lift.com — Cisco Umbrella Rank: 504
290 KB
48 adform.net
c1.adform.net — Cisco Umbrella Rank: 907
track.adform.net — Cisco Umbrella Rank: 3728
s1.adform.net — Cisco Umbrella Rank: 7818
614 KB
37 mustsharenews.com
mustsharenews.com — Cisco Umbrella Rank: 379254
804 KB
36 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 975
102 KB
27 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 211
673 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 646
eus.rubiconproject.com — Cisco Umbrella Rank: 804
pixel.rubiconproject.com — Cisco Umbrella Rank: 508
token.rubiconproject.com — Cisco Umbrella Rank: 1003
84 KB
23 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1836
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1565
12 KB
23 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 660
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 652
image6.pubmatic.com — Cisco Umbrella Rank: 842
simage2.pubmatic.com — Cisco Umbrella Rank: 899
image2.pubmatic.com — Cisco Umbrella Rank: 1292
image4.pubmatic.com — Cisco Umbrella Rank: 1318
simage4.pubmatic.com
107 KB
21 adsrvr.org
de1-bid.adsrvr.org — Cisco Umbrella Rank: 12962
match.adsrvr.org — Cisco Umbrella Rank: 410
insight.adsrvr.org — Cisco Umbrella Rank: 778
16 KB
19 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 645
tags.mathtag.com — Cisco Umbrella Rank: 3518
pixel.mathtag.com — Cisco Umbrella Rank: 1622
13 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 20
adservice.google.com — Cisco Umbrella Rank: 124
42 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 322
secure.adnxs.com — Cisco Umbrella Rank: 607
acdn.adnxs.com — Cisco Umbrella Rank: 837
27 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
523 KB
11 moatads.com
z.moatads.com — Cisco Umbrella Rank: 477
geo.moatads.com — Cisco Umbrella Rank: 761
px.moatads.com — Cisco Umbrella Rank: 495
mb.moatads.com — Cisco Umbrella Rank: 810
219 KB
10 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 6468
6 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 732
csm.eu.criteo.net — Cisco Umbrella Rank: 6802
346 KB
9 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 34233
hal90002.redintelligence.net — Cisco Umbrella Rank: 334454
hal90004.redintelligence.net — Cisco Umbrella Rank: 302494
13 KB
9 facebook.com
www.facebook.com — Cisco Umbrella Rank: 94
902 B
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1408
s.amazon-adsystem.com — Cisco Umbrella Rank: 371
4 KB
8 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 4743
4 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 670
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 802
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 873
9 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 441
mug.criteo.com — Cisco Umbrella Rank: 2007
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12693
ads.eu.criteo.com — Cisco Umbrella Rank: 6808
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8959
dis.criteo.com — Cisco Umbrella Rank: 949
20 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 380
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 13231
4 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 1199
r.turn.com — Cisco Umbrella Rank: 3913
3 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 634
ads.yahoo.com — Cisco Umbrella Rank: 1269
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
5 KB
7 wp.com
stats.wp.com — Cisco Umbrella Rank: 3196
pixel.wp.com — Cisco Umbrella Rank: 2686
i0.wp.com — Cisco Umbrella Rank: 3431
124 KB
6 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1519
pixel.quantserve.com — Cisco Umbrella Rank: 621
2 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1226
3 KB
6 truste.com
choices.truste.com — Cisco Umbrella Rank: 967
57 KB
6 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1211
854 B
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 772
3 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 5680
www.google.de — Cisco Umbrella Rank: 3714
2 KB
5 openx.net
adasia-d.openx.net — Cisco Umbrella Rank: 39338
rtb.openx.net — Cisco Umbrella Rank: 2105
u.openx.net — Cisco Umbrella Rank: 1062
950 B
5 adasiaholdings.com
adnetwork.adasiaholdings.com — Cisco Umbrella Rank: 59547
1 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
200 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 982
857 B
4 anymind360.com
anymind360.com — Cisco Umbrella Rank: 18031
135 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3795
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1317
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1526
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 905
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1254
s.tribalfusion.com — Cisco Umbrella Rank: 3445
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 98
20 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1955
850 B
2 volvelle.tech
a.volvelle.tech — Cisco Umbrella Rank: 28356
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2163
mwzeom.zeotap.com — Cisco Umbrella Rank: 2158
923 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 915
903 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6186
637 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 891
795 B
2 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3854
761 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1001
2 KB
2 realestate.com.au
sasinator.realestate.com.au — Cisco Umbrella Rank: 6578
1 KB
2 sportradarserving.com
sportradarserving.com — Cisco Umbrella Rank: 2803
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1188
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 805
1004 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1112
482 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 483
938 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1763
829 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4220
triplelift-match.dotomi.com — Cisco Umbrella Rank: 6073
207 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 775
848 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 908
648 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1753
contextual.media.net — Cisco Umbrella Rank: 747
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 132
76 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2197
376 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3930
534 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2099
501 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1857
654 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1447
509 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1280
44 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1379
213 B
1 storygize.net
www.storygize.net — Cisco Umbrella Rank: 3063
419 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1792
47 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1154
380 B
1 hgrtb.com
sync.hgrtb.com — Cisco Umbrella Rank: 2889
259 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1202
591 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1535
462 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 836
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 366
595 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 45983
510 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1128
781 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 893
416 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 521
1 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 823
534 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 7096
30 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 306
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
827 90
Domain Requested by
148 s0.2mdn.net mustsharenews.com
s0.2mdn.net
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
s1.adform.net
54 cm.g.doubleclick.net 10 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
eb2.3lift.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
53 pagead2.googlesyndication.com mustsharenews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ad.doubleclick.net
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.googletagservices.com
47 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
mustsharenews.com
s0.2mdn.net
googleads.g.doubleclick.net
44 eb2.3lift.com 4 redirects mustsharenews.com
ib.3lift.com
eb2.3lift.com
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
anymind360.com
37 mustsharenews.com mustsharenews.com
36 choices.trustarc.com choices.truste.com
choices.trustarc.com
31 s1.adform.net track.adform.net
s1.adform.net
ghent-aws-fr.bidswitch.net
mustsharenews.com
hal90004.redintelligence.net
27 www.googletagservices.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
s0.2mdn.net
googleads.g.doubleclick.net
26 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
mustsharenews.com
www.googletagservices.com
22 prg.smartadserver.com anymind360.com
14 eus.rubiconproject.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
eus.rubiconproject.com
anymind360.com
14 match.adsrvr.org 10 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
ads.pubmatic.com
eb2.3lift.com
ssum-sec.casalemedia.com
13 sync.mathtag.com 5 redirects tags.mathtag.com
sync.mathtag.com
mustsharenews.com
13 www.google.com mustsharenews.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
googleads.g.doubleclick.net
12 ib.3lift.com anymind360.com
ib.3lift.com
mustsharenews.com
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
12 googleads4.g.doubleclick.net mustsharenews.com
10 track.adform.net hal90002.redintelligence.net
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
s1.adform.net
hal90004.redintelligence.net
10 metrics.getrockerbox.com 4 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
10 fonts.gstatic.com fonts.googleapis.com
www.google.com
9 www.facebook.com 2 redirects connect.facebook.net
mustsharenews.com
8 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 ib.adnxs.com 2 redirects anymind360.com
eb2.3lift.com
acdn.adnxs.com
8 prebid.ad.smaato.net anymind360.com
7 static.criteo.net ads.eu.criteo.com
7 c1.adform.net 5 redirects eb2.3lift.com
ads.pubmatic.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 simage2.pubmatic.com ads.pubmatic.com
6 x.bidswitch.net 5 redirects eb2.3lift.com
6 px.moatads.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
6 um.simpli.fi 5 redirects ads.pubmatic.com
6 ad.doubleclick.net www.googletagservices.com
6 choices.truste.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
6 odr.mookie1.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
6 de1-bid.adsrvr.org 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
5 token.rubiconproject.com 5 redirects
5 sync.1rx.io 5 redirects
5 pixel.rubiconproject.com 4 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
5 image6.pubmatic.com 4 redirects ads.pubmatic.com
5 secure.adnxs.com 5 redirects
5 i0.wp.com mustsharenews.com
5 adnetwork.adasiaholdings.com 1 redirects
5 connect.facebook.net mustsharenews.com
connect.facebook.net
4 pixel-sync.sitescout.com 1 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
4 hal90002.redintelligence.net 1 redirects mustsharenews.com
hal90002.redintelligence.net
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 tags.mathtag.com ib.3lift.com
tags.mathtag.com
4 cms.quantserve.com 3 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
4 ad.turn.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
eb2.3lift.com
4 pr-bh.ybp.yahoo.com 2 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
ads.pubmatic.com
4 tlx.3lift.com anymind360.com
mustsharenews.com
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 anymind360.com mustsharenews.com
anymind360.com
securepubads.g.doubleclick.net
3 pixel.onaudience.com 3 redirects
3 pm.w55c.net 3 redirects
3 hal90004.redintelligence.net hal9000.redintelligence.net
hal90004.redintelligence.net
3 ap.lijit.com 3 redirects
3 r.turn.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
3 sync.targeting.unrulymedia.com 3 redirects
3 rtb.openx.net 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
googleads.g.doubleclick.net
3 sync-tm.everesttech.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 ads.pubmatic.com anymind360.com
ads.pubmatic.com
3 www.google-analytics.com mustsharenews.com
www.google-analytics.com
2 gu.dyntrk.com 2 redirects
2 a.volvelle.tech 2 redirects
2 pixel.quantserve.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 bh.contextweb.com 2 redirects
2 us.creativecdn.com 2 redirects
2 js-sec.indexww.com anymind360.com
ssum-sec.casalemedia.com
2 sasinator.realestate.com.au 1 redirects eb2.3lift.com
2 sportradarserving.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 onetag-sys.com 1 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 pixel.mathtag.com tags.mathtag.com
2 hal9000.redintelligence.net mustsharenews.com
2 sync.tidaltv.com 2 redirects
2 px.ads.linkedin.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
eb2.3lift.com
2 geo.moatads.com z.moatads.com
2 z.moatads.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
ib.3lift.com
2 a.tribalfusion.com 1 redirects 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
2 www.google.de mustsharenews.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 mug.criteo.com mustsharenews.com
2 gum.criteo.com 1 redirects
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com mustsharenews.com
1 simage4.pubmatic.com ads.pubmatic.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ssum-sec.casalemedia.com js-sec.indexww.com
1 match.adsby.bidtheatre.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 sync.go.sonobi.com eb2.3lift.com
1 match.deepintent.com eb2.3lift.com
1 csync.loopme.me 1 redirects
1 www.storygize.net 1 redirects
1 acdn.adnxs.com anymind360.com
1 u.openx.net anymind360.com
1 contextual.media.net anymind360.com
1 rtb.adentifi.com eb2.3lift.com
1 bttrack.com eb2.3lift.com
1 sync.hgrtb.com 1 redirects
1 triplelift-match.dotomi.com eb2.3lift.com
1 sync.srv.stackadapt.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 ghent-aws-fr.bidswitch.net 1 redirects
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 insight.adsrvr.org 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 mb.moatads.com z.moatads.com
1 ssbsync.smartadserver.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 p.rfihub.com 1 redirects
1 dclk-match.dotomi.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 ads.yahoo.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 id.rlcdn.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 s.tribalfusion.com 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
1 prebid.media.net anymind360.com
1 htlb.casalemedia.com anymind360.com
1 fastlane.rubiconproject.com anymind360.com
1 adasia-d.openx.net anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 cdn.jsdelivr.net anymind360.com
1 pixel.wp.com mustsharenews.com
1 id5-sync.com ced.sascdn.com
1 ced.sascdn.com anymind360.com
1 stats.wp.com mustsharenews.com
1 cdn.ampproject.org mustsharenews.com
1 fonts.googleapis.com mustsharenews.com
827 147
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
anymind360.com
R3		 2022-03-04 -
2022-06-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-05 -
2022-04-05		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.adasiaholdings.com
Go Daddy Secure Certificate Authority - G2		 2021-05-13 -
2022-06-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh

This page contains 90 frames:

Primary Page: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Frame ID: E22E83F09FBD792D9D898DA87DD5F60C
Requests: 162 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html
Frame ID: 8AF399C83EF289811293D64C53590625
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&adk=1812271804&adf=3025194257&lmt=1648528726&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528725869&bpp=2&bdt=404&idt=259&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8764973342713&frm=20&pv=2&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065858%2C31065550%2C31062930&oid=2&pvsid=3574826518820115&pem=105&tmod=1219740895&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: 0D25A43B8E1C39B4C407CF7A09241623
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Frame ID: B2EC763FC3E3318980248FE75A295602
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b89cfe23f824c%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D214%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Frame ID: 3DAB9C6B83E0AA558796929ECABF46F8
Requests: 1 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28670F3298064F9CB2EEB068C09DE51A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d0c943c44ff%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Frame ID: 866F6E41D2A1DBBA387504BD42F8A714
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C279F4F89643D154361AC092E0FB6FD6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F75EB60778EF373727B96BB17C29DDF
Requests: 2 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B3A6F8285502A8DAB34891E746F8542
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EEE63DBB2BE9A1ED2FF866E8BB58E6CF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 339D3B7105CC7ECADA743255C8BA5857
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D266D571036B15B671C03203EF448FEF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E30E8BF5F4C4A3F7925FC17D31D96EC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Frame ID: 5F10BD363B6496F056D6F65F98CB550E
Requests: 25 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DDF34FEE07671BC9FF29B5C10C0F73C
Requests: 31 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8A91CED3BCEAF6D78A661F82DAE5C28
Requests: 25 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 72E867456F5E1D9029DEEDF5CC376F5B
Requests: 25 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 6D765C768396A544564BDFB1AD4E6D10
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 672F003715281FB7B07265628B87AE57
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 873D54AF3CF45663571FA5C94B45690C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46AAAFD4F6BF74CAAAAB5EEB64968523
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6kxLqCiHlsMv9PbhoBRMqZ-oqpvW_49Z5J2FPQSXfSygbtTZIwvBpeLgSskkxXZhF-eIZxz7QpPDufTjiMcs72lzmRQUtHhZaFSpPjgzPiwMtm9n_-_bxEfaybYpOlYj3YFheLDDJd13RRETdmHRTObwMmzTnYHsGiEawBaEllxdKLTp6Qv3X5DYZzswc9z11E6Bsav51cmT7meI36o0CzdC3EZsIpldRZ4w_yREN6I84K5MflEr9Thdq1-4-YD0VJcC6kFYFaUrMv-6gKryYVSVzCQxZKKDbnGpB9FGWXBG2u5xpHk6B3A9V6FZaBbjb6OwGFRS-SnFBkbh4jmV3t2VbQSkpAhMTYyq3IW-MW21Zi7c0WlXPOCj5yQ&sig=Cg0ArKJSzM9vai-1PfWkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3014D49BAD0FC5388AF33D0EB62AF3B1
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: AD7E15699B032CF776389A1A5FC2977D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE19CA66A881EBAC716E0AAE4405543B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4A27E693F846066EE898D4EE3C01033
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Frame ID: 4DC84B426372422BAC761E15D762E781
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Frame ID: DBFF645CD00A3F11C5DC728BDCD336A8
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Frame ID: 712642880C2D592C5DB0A088F00AF3C2
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C1B1416B52C510DDE3168FDE897449D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5AC65BC490C4CA9CD2913ED24E835EB5
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnNKqDB_X0dQ2vbYUPy-JhL_YPzf3IR_Aud3x1OdlW3UqVMMVZwSUy_3p_XSeYJYRnXEq08Syd6zQvj_XIorhESb4Z6yvh92qwaTp1Ing6uuEMskz6RPpb-wyc2DXJMTmZuxT0V038dM2r32BP9DSYdtYsHIPVs1akoMepE2bz7oN46vJb-KCHxxlsjqZvX-lYtsi27oyltrWL_BrqtuUsXMBzmXLcdcjxS_9Ompvzx159eFAWmclI_76XcfvsdMTMrv-j_AXG0u3yJOCI4pzrF-sXeVJ-dtWRJ8OMUeWBDgmR7hc5mCyYNsDWjPNF1ncuD0B0pNfm01NQiET2Bkf0weSrHX3K0CdWuUJbMySsjXAnylA-ymHtJtQ9cdBtz6FTBA5zkQ&sig=Cg0ArKJSzMEILSb3I4MHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E0CB099B4CABD8ED0117B0A01C258C22
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: F53A25455C4320DBCB71AA87703EE579
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4C16C5813891FC0079B6E2DB4A5F0818
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTE3NDQwNzU0NjYxODA3MTgvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzeEdiNGJsT0gxNmRyWVNpLVRNcGdGWS8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODExNzQ0MDc1NDY2MTgwNzE4L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/kF-owedN1BlPV8YXaYtBpYBReFI&nodeid=3012&group=cdg&auctionid=2811744075466180718&shardkey=2811744075466180718&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.87
Frame ID: E30ECF08CB90AA8257449D933F970309
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Frame ID: A9736B468ABE7EAC99126DDAE2AC08AA
Requests: 11 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 708D6B2902E6DB68280DFE455444D316
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 5C12D1C29A01751C4E7DA5E0D3FE1BE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Frame ID: C92498F1DD2106FB0CEB03C211F77CC2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: F3F019AEF4BF6A3138535D0B1D0CBBBE
Requests: 1 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF1158ACC92D5C16E4BDF6CD8ED2C218
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 9FA47AAD2F57C85A9281DFB9F8843F78
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=68229800019956404380390011913002&a=20d2ee0d
Frame ID: 6BC4E27E6BC135B290CD9DB8D6DB69DA
Requests: 9 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: F393776555C9173CD007A80EC80584C5
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Frame ID: 1B0C40554DE30C0E3DCCBB41BAA7D886
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90C59F1B8D17CFAD007E585305C92DAB
Requests: 6 HTTP requests in this frame

Frame: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5DEAD8C91344329C34EEE3AA5A7897E
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 001887792EB5358BE6A2EB62F7BF7BEE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADF904F5FF697E4B1ED90D6FCB3B5319
Requests: 9 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 5A0D70E0298DE19DA387BE96F6E87429
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Frame ID: 53D2B24B7764BDA3D0E4F78FC534AC83
Requests: 25 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 43A41F394601C4AF2A2E4A18912508C7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE1A65F4FAC46BF154096FE3035F3454
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87D370F8866982CBE6497208AA4890A0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5D142030BBE819BCEC30AADC6AC7694B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Frame ID: 0016359DE6FADD43F1A5B4FC1C2587F4
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D1F6CA6F37CDE7574E6BD8577A85750B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9MYKv0Ex3Lz5yaoNGbQEEalPT4-UGN_NO2qLoKUvz0cVTWm3j_oLBQPXOt4ao9qWPgPmxd1eoUfLn9wsEhwfbJo8Ejy6U0U948JKAHJvd9ZyKP84TD7CNqcFcKQqBVK2ZjHy003YunEjvMbZBX03AlamJuEh0EHe-KzpzspUyisXcUJ-Y0bn_vB1Enp9qb5CP6vWNij1gVDGNTTWNxtk3dTQvKsItYuvU_dXZbU9t-5V9Ihsk0uHaAA8V3gmr5JdHUl5Gk0SVvdjqjN5EMhtMPs-v9W8bEiOxEhpZWFPW_EObsH-p8XPvVgygPB4NxRGeW1d8A95WHE4w3cafUENGJCb7TqzJY3sGrmtjKnfpCXo&sig=Cg0ArKJSzHgwMQ1dZ-roEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BB5ED51D2B480B1732EF7352D8C9C08A
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 736A9C5271F4B1100EDD141E3041A73A
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke_M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2;OOBClickTrack=
Frame ID: 2A9398A7F7662D9273E21639BBE21BB8
Requests: 7 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: B69C7F48D835F938EE13439CC6A9069D
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: EAA8EAD60CACA23FC0F5E321DE4BA1DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 086ACC4FD100E1125888DE59A226474D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DA68F744C2BF4DEE0702854AB2ABE24
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 870803FB8054428A9E2A7635065006B2
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NzYzNTE1OTg1MDA0MTU1OTUvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzM3JKeU05SDJ1aHdQUVlUM0VkSml5Yy8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTc2MzUxNTk4NTAwNDE1NTk1L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/9i4rnO8n-6rG-FgZvg4PSqKAdu8&nodeid=3012&group=cdg&auctionid=8576351598500415595&shardkey=8576351598500415595&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.159
Frame ID: 0E6F26C8C5FDB4ECF37D4920262FE9E3
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=28850
Frame ID: EE185DF3D14688F42FD5803D03C6B833
Requests: 11 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 8C0B2ABE67F05FD5D330FA16A280B0EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 5B4268A26CDC8C407B248D31D37A311F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=77918
Frame ID: 00448BE0B60E52CCC4E6D22F54901CF6
Requests: 11 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10998794/10998794.js?ADFassetID=10998794&bv=258
Frame ID: 092A1041C4EA79EF719A7935C29AC8F0
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: DDD686221B940134D3D9C5261BA65FC1
Requests: 1 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Frame ID: 32063EEA2F502B920A121A6D0F1AB0E6
Requests: 8 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: FD9269468CEA1C0F6CAAFEB11365D2BA
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10998794/10998794.js?ADFassetID=10998794&bv=258
Frame ID: A87688FF81BAF87DD9CDE449A7157A05
Requests: 13 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 1305AD97C0CAC4A6A98DF3E7C4594517
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 22ED54934DC866D1C9606C7DDFFB0559
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C3020%2C2030%2C173%2C251%2C175%2C233%2C178%2C3018%2C2028%2C3017%2C2027%2C3016%2C214%2C159%2C237%2C2025%2C337%2C117%2C338%2C97%2C99%2C77%2C3012%2C3010%2C182%2C222%2C3007%2C201%2C4%2C246%2C203%2C326%2C80%2C228%2C10000%2C9%2C229%2C108%2C307%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 9A50461F39EDF2DD92DF0915D7CB7E94
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: D4122EA798F67065505DF6F8ED56E283
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C34836C631CB3EB7FF30FE424289E4FE
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5685513A62738B332EDE9142053E11DE
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2801DA16BCAD5D7ADD7337EE4282387E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 93DF2A43EA48A7041007B68018B02E02
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 46E51CC3B1CF3390ADD2DE0BFD8EEA4F
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A90510C5-1356-49F1-9108-77B091D3BC11
Frame ID: D558259DBBB3138848CE5C5C8942147F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:050d6242-8d57-4900-b380-362d6e8120ae&gdpr=0&gdpr_consent=
Frame ID: 742D14BACE5BA0A03AA925458FDCA4E8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EA37CA20D23666450E45771921933533
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5446892411108895198
Frame ID: CC91E9AA87D87F9D9D71EB72BBE89017
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7080376990466177175
Frame ID: 03E5DB52A07C7848A0AD6C395B247CAD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3FDE448FEF62B088056E6E1322360778
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

35 Arrested In 4-Day Operation Targeting Scams, SPF Cautions Public To Stay Vigilant

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

827
Requests

87 %
HTTPS

28 %
IPv6

90
Domains

147
Subdomains

98
IPs

13
Countries

7334 kB
Transfer

17996 kB
Size

123
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://adnetwork.adasiaholdings.com/2060/call HTTP 307
  • https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Request Chain 74
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmustsharenews.com%2F&domain=mustsharenews.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ooxnfXx6ZFR4WWU2emxhQ2VaTHhWekhOWHVyMFNBL01HWjNQbDd2VUNVVEJFdXhSNEFJRi9RT20rQ2dVbE1VVnhpZXc2QjJubXJqejdXL2NPV2NHeGVLcFdzcjZobWp1TWViWXF5T3dhVGNRbFpoM0N5ZzREZTZ0SDB0WFdXaFBCS3FhOGx3M0pNQzFLMzVsc0QycEZNQVRtcGROeUcxbU1XRW5MSXhVNnI0aFo3VE1GWU5xck1TZEp5YXMzMUsrODZOeiswV0kwTUNLMWVKMjdJejZLSUQ1SDM4S3A1QmVLYnM1ME02WSs0T0VObG95RUplNlIveDJVOFNkajZhMnRnN09ifA&cppv=2
Request Chain 136
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=403902689943296&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b89cfe23f824c%26domain%3Dmustsharenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmustsharenews.com%252Ff2759d8a11df398%26relation%3Dparent.parent&container_width=214&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fmustsharenews%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=&width=265 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b89cfe23f824c%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D214%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Request Chain 152
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=403902689943296&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d0c943c44ff%26domain%3Dmustsharenews.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmustsharenews.com%252Ff2759d8a11df398%26relation%3Dparent.parent&container_width=0&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fmustsharenews%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=&width=265 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d0c943c44ff%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Request Chain 170
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 171
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26tier_three%3Da99jcch%26tier_four%3D1e7nlzp2%26uid_ts%3D1648528726 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dweight_watchers_subscription_germany%2526tier_one%253Dttd-display%2526tier_two%253D0a7a8j6%2526tier_three%253Da99jcch%2526tier_four%253D1e7nlzp2%2526uid_ts%253D1648528726 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528726
Request Chain 192
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 193
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF4ydwxccetirzUfjrbUPS0&google_cver=1&google_push=AYg5qPJ8OVCCpNmyZBTZd-qZjeYxz0Xf_wVwQtQp0S3HPKQbYLp9BvS6GBNhrEkZnU_KUw5W09jpxyZOv8UEDIzrSeodlbjQ8EQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF4ydwxccetirzUfjrbUPS0&google_push=AYg5qPJ8OVCCpNmyZBTZd-qZjeYxz0Xf_wVwQtQp0S3HPKQbYLp9BvS6GBNhrEkZnU_KUw5W09jpxyZOv8UEDIzrSeodlbjQ8EQ
Request Chain 194
  • https://um.simpli.fi/gp_match?google_gid=CAESELpsd6G-etGESlC8DbkbxO8&google_cver=1&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNACuQ8nFDwOVl8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNACuQ8nFDwOVl8Q
Request Chain 196
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECwFAzqzWqH1RDoCWFUSSI0&google_cver=1&google_push=AYg5qPJN6kp96oh2qmgFkTfixU96rIr3W8IBHVg-OVUDR77tlAmH2ITsi_GWD1tPBtcLXGd1v_7sadgQyTVcs2oSzaYkxZzGzlg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECwFAzqzWqH1RDoCWFUSSI0&google_cver=1&google_push=AYg5qPJN6kp96oh2qmgFkTfixU96rIr3W8IBHVg-OVUDR77tlAmH2ITsi_GWD1tPBtcLXGd1v_7sadgQyTVcs2oSzaYkxZzGzlg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJN6kp96oh2qmgFkTfixU96rIr3W8IBHVg-OVUDR77tlAmH2ITsi_GWD1tPBtcLXGd1v_7sadgQyTVcs2oSzaYkxZzGzlg
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwdFwreukdk2RdmasKtYEQ&google_cver=1&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piWAKQJAJ8Vxky-MCuDb9A_dOPbn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piWAKQJAJ8Vxky-MCuDb9A_dOPbn
Request Chain 198
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJg5RJRGJfI_0Ymf5YTLkog&google_cver=1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1648528727419 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI%26google_hm%3DA7oNh2Bw2UE5oHi1z-7Yd0s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 202
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26tier_three%3Da99jcch%26tier_four%3D1e7nlzp2%26uid_ts%3D1648528727 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 214
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26tier_three%3Da99jcch%26tier_four%3D1e7nlzp2%26uid_ts%3D1648528727 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Request Chain 224
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 225
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26tier_three%3Da99jcch%26tier_four%3D1e7nlzp2%26uid_ts%3D1648528727 HTTP 302
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Request Chain 277
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6eBlBwbomjsgMRMKkiGtXsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 278
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyNDAwODU0NmNmNjkxNmU1YmU5NDRmZjY3NmFlODI4NjdlY2YwNw&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 279
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1BNFU07-1S-6BRL&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESELnJb0310qYWUsjAwc2iJ_E&google_cver=1
Request Chain 281
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1BNFU07-1S-6BRL&sigv=1&esig=2~54e3950fe6f9d6787f603747403b5212840a58ca&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 282
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Request Chain 283
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Request Chain 305
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJVAianchvblFjM0fwq393A&google_cver=1&google_push=AYg5qPKWxUjNV8GlGrivOMDAWERyY4ulwjuGEkhETbCLKI08rAxpCUJGvGjGeZwpx25oKDwG3uvZ6LuoIn-R785jdk-T9jm2m7iG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMWR0E-0Octx8xCaryiO4G4&google_cver=1
Request Chain 307
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAnU6rLVTTZQKNRpoddjK4g&google_cver=1&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdxecFTxz_E10Zi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdxecFTxz_E10Zi
Request Chain 308
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEDSFpqQhBhJjdJmHqvMw94E&google_cver=1&google_push=AYg5qPLa3CUa8xc9-pJgERlQ0eusCo-gxKvc2OPA757BG3T-8-tqO-l2m8dcqZTkFCkUEvC8NBgWmUyTy3Cfm8fautipUjSur697 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEDSFpqQhBhJjdJmHqvMw94E&google_cver=1&google_push=AYg5qPLa3CUa8xc9-pJgERlQ0eusCo-gxKvc2OPA757BG3T-8-tqO-l2m8dcqZTkFCkUEvC8NBgWmUyTy3Cfm8fautipUjSur697&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=3PidZZRXQjWJLcwmgcKVvA&gdpr=1&gdpr_consent=
Request Chain 309
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDtGTvhtOtsPmYWFtOpGyto&google_cver=1&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDtGTvhtOtsPmYWFtOpGyto&google_cver=1&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433822998846891&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E&google_hm=MdALljQiSMW3j-2lrs3c9A==
Request Chain 310
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHwgZYsqBwwBf5WWP9FjdaQ&google_cver=1&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcnhix-xcDp2ubDVAw6mG0j HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHwgZYsqBwwBf5WWP9FjdaQ&google_cver=1&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcnhix-xcDp2ubDVAw6mG0j HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcnhix-xcDp2ubDVAw6mG0j
Request Chain 311
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw
Request Chain 322
  • https://um.simpli.fi/gp_match?google_gid=CAESEFj0VYhCP3sNJspocThONa8&google_cver=1&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnEAKT9D3zVUIMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnEAKT9D3zVUIMI
Request Chain 324
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGJ6ypm91Xtp86Tbmaptu0M&google_cver=1&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A2eB1r6Xt2fTl8EA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A2eB1r6Xt2fTl8EA&google_hm=4XE5EogaSuuqTBX5WOklSh4
Request Chain 325
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENEj_OA4Z6kd3-OnHP8pZvI&google_cver=1&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04urbTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04urbTw&google_hm=NDA2Mzg2OTA1OTMyOTEzMTgzMA%3D%3D
Request Chain 327
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBtxNgCE4ryWboO7VkdLK6M&google_cver=1&google_push=AYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0%26google_hm%3DA7oNh2Bw2UE5oHi1z-7Yd0s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
Request Chain 370
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9ui6ySMAmscnOrB6kfxQE&google_cver=1&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_eWrJTZ5h98W9g22hHsQRUGfDPx7DdlUOMMVwClfopw_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_eWrJTZ5h98W9g22hHsQRUGfDPx7DdlUOMMVwClfopw_&google_hm=-6UqicMVkVDpwlMDUbfNYg
Request Chain 371
  • https://um.simpli.fi/gp_match?google_gid=CAESEHrDZX-_Di4jaGDkCEfWShQ&google_cver=1&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwqE-daXmpiERCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwqE-daXmpiERCQ
Request Chain 372
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoo5lxm9eXZV4Qe-CJcqZQ&google_cver=1&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzxp7K9KTtV98TW6w3Bk-svz6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzxp7K9KTtV98TW6w3Bk-svz6
Request Chain 374
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_cver=1&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a
Request Chain 375
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMCSKS1sTVfekBz3GD5GXrs&google_cver=1&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMCSKS1sTVfekBz3GD5GXrs&google_cver=1&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew&google_hm=8754594ed3efe6a5056aec7f
Request Chain 422
  • https://eb2.3lift.com/sync?max=10&cb=74367 HTTP 302
  • https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Request Chain 433
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
Request Chain 435
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
Request Chain 437
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3642358105815023776598?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5NoGt7JE2oTt3tUjXj1xNX9F5gK7DsuUEdRuXg.BzQ--~A&dongle=0883
Request Chain 440
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3642358105815023776598 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Request Chain 441
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 460
  • https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=9991301684516&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=9991301684516&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 489
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Request Chain 539
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAA2jiWbDXmgjZnNQA2d9qA&google_cver=1&google_push=AYg5qPKDHMNqQnTicWDKJpQTt4iJkI1c0_cWKiEYRmwPtD-28PHxjnhFwSb2hRGBjlbXk4rgvsQ1ezwbNt62H7KL0hd6qFJ_OXY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDHMNqQnTicWDKJpQTt4iJkI1c0_cWKiEYRmwPtD-28PHxjnhFwSb2hRGBjlbXk4rgvsQ1ezwbNt62H7KL0hd6qFJ_OXY
Request Chain 540
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECs22FyPhP3quApjc9lm8uQ&google_cver=1&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLvalHR6xtsvNvtg9bU4PVhBNCRrM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLvalHR6xtsvNvtg9bU4PVhBNCRrM
Request Chain 541
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ&google_cver=1&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ
Request Chain 571
  • https://um.simpli.fi/gp_match?google_gid=CAESEMq_f0MvSnjIQL2ZaiXu1ts&google_cver=1&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEuglUK95OJUjHCY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEuglUK95OJUjHCY
Request Chain 574
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENe2u0h-Rs7QGKCMEMjwCJg&google_cver=1&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4DzVPxCZPxCsTuXoO4IzxFMww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4DzVPxCZPxCsTuXoO4IzxFMww
Request Chain 575
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECwD7mPbLi441B9QQgFLH-k&google_cver=1&google_push=AYg5qPI58zWAmzzpTyAanvYgBD0s2OKmZqpmvxuL8Xe8lrSmU4mqVvTk2vLZ-EvBohy58iKLCWWvVTySiunkvmHkDSACSVO4ueGr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI58zWAmzzpTyAanvYgBD0s2OKmZqpmvxuL8Xe8lrSmU4mqVvTk2vLZ-EvBohy58iKLCWWvVTySiunkvmHkDSACSVO4ueGr
Request Chain 576
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECt01CNC8Q9pxVMyyqTmE5M&google_cver=1&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAqg8FEZ01Hpn1TQt3okd3CZgJOa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAqg8FEZ01Hpn1TQt3okd3CZgJOa
Request Chain 577
  • https://match.360yield.com/match/ebda?google_gid=CAESEEnZKnM0xJGQXKSXmKN4Hu8&google_cver=1&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEnZKnM0xJGQXKSXmKN4Hu8&google_cver=1&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik
Request Chain 615
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFJTUCeqdt3QHXE2xUllX3U&google_cver=1&google_push=AYg5qPIwJe7Oco8BkQjbxHSkdNJlibLnseD0iYyl8XeJv3TdTY8EjAGidGdUtSDtwkGy3PrS6Pi7xxGdpZclNfEJ8VWNrxqCsTY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
Request Chain 616
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAXbTmM6QxsrKo3SzRxOR_4&google_cver=1&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMyaxOQT0_cv7Sk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BQ1iQo1XSQCzgDYtboEgrg&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMyaxOQT0_cv7Sk
Request Chain 618
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENjh_8YKbB8_U-wjMsqbezE&google_cver=1&google_push=AYg5qPKhGoMnU-6YjyI0HC7_S68JruOdSAm_v5Updm5xamla38B4qLD5Fusbqnfq4pZbLisxrynQK_Afp7C75D3VpEnzqHc_dnU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWtLTlZ3QVFpdEg3bXdBeQ==&google_gid=CAESENjh_8YKbB8_U-wjMsqbezE&google_cver=1&google_push=AYg5qPKhGoMnU-6YjyI0HC7_S68JruOdSAm_v5Updm5xamla38B4qLD5Fusbqnfq4pZbLisxrynQK_Afp7C75D3VpEnzqHc_dnU
Request Chain 620
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0 HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0&apid=UP20ba6696-af1a-11ec-900c-06b097fc39c8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMGJhNjY5Ni1hZjFhLTExZWMtOTAwYy0wNmIwOTdmYzM5Yzg%3D&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0
Request Chain 621
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOIUyoUe0XnHcOdjx4Dl4rc&google_cver=1&google_push=AYg5qPLkoQHVMxqJRXRsIBJKo23BGOaPdQXu0R1T2Wgn-hE7Z2YqcSVc_MsZwkflRQlH19fcTw4fnpMTAoxGXQu2U4_wjWRyiLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLkoQHVMxqJRXRsIBJKo23BGOaPdQXu0R1T2Wgn-hE7Z2YqcSVc_MsZwkflRQlH19fcTw4fnpMTAoxGXQu2U4_wjWRyiLg HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 628
  • https://ghent-aws-fr.bidswitch.net/imp/0.055/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R53694719_Qrtbwp_R_I_WAUCTION__PRICE_X-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0_Qrtbdata_RB85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke__M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/iNZNU0NX4FSslciXoOiaPKO-McqjWzly-GkIkfTpDRdTuFqZAa3Idc6tfGnQCK0EeYimSjMVPModm4q_kUIUxlyBkUoLdBeZuMTalfqmDRqkUZ0sMlN0H5WgNvkRGe5odsaGv9qfy03djVfGkQ0DZPrsvS_YS3HZilcNM1jCasrRihqL22lRE4W_6GkyDCwkJQ861qKPSaa8QFsyBkSbNeBG9g1SoAfGBHSaMe8Cqi5LxLdnLVsDL9JABZEiNo-od9Kql5cwYgDXTJN4IRYHd9ImCwng1P_-MZaoY_c8dj2iXObqzvdUFQRCzjioSBLunX1BIDXKj6091Ee17-1r5MG7bTr_19DTcIAIrNURAaWMvid2nIjKUBHEJTk-WV4LUSmG8_V9CfJNwpdOjMok5W--9GdoOAZZPS7Kns7jZZaUISn8ONM4F6ycvfG-TZyMmeaLrKxm4sxyjHV3i3xMgpneKcv8i3y65UdHQcJ02z18RSvyGbgtMgfcfRA848aMTRHqAc9nu26whtzWEgkFKCLlxC-28rN_jO2XJdpT8Hp9DlVS4bsSUmsh8WXF7eNd8yuSUt_gQ1-oH2pmmk2E5fZ3IUooZnvDs8fP2Guybd9V4cuXN6ciBnXsyD1rMk2iFiPBeGM6lVbX44upGcAFZ7XxaDvAtJXjwcZyTJXO-d1Ldf4CdCvqYmVxVjYRTEVRMQ3pR8b0MqTN59vHDvRd1uie1kFVeq1H5-qTbsn9h9Bjc6_AMv1XyC8AlJnXkDABw2E4Q8diFPchC-xaGkMEO_NGJZNPJvgbjCiMf1IRhBekxBg7PrJzu-SOonesfTrVAZKObGO-C2LV5-ED7b8y0CNWN-ZJW5-bebTF4XOqO3MfzckccyLs1kxgBqaEOJ1pD5ykIIp1DVbsoiPYVJH4nsC3RsMuuZ1UpKCw5atcXIJbDnCVDDKjUQ878WZgeiUMVAgafnpssfg2hzDrDm01ZKUm79Aw8HafW60MNNXwEmU5pyE/ HTTP 302
  • https://track.adform.net/adfscript/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke_M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2;OOBClickTrack=
Request Chain 655
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENWh_HDNK7mNaO4lauJDrOM&google_cver=1&google_push=AYg5qPKv4wdTvk2jqo-hEBtoL1-06CB5Gs4D0rVz1WckNSgWa8rZ-UcNiR711VISbNPULCG355ElUMVCGXNpKRJK8k-9bQ34-51k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
Request Chain 656
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDHGNZX74Pt3dpwmMctyAEs&google_cver=1&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60WzJm2jqalJ1hh9cn6mdnrrfSoVLnxhspkihrQ7ExmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60WzJm2jqalJ1hh9cn6mdnrrfSoVLnxhspkihrQ7ExmA&google_hm=-6UqicMVkVDpwlMDUbfNYg
Request Chain 658
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENIosmG6GiA_NWwV5chxrt0&google_cver=1&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQp6XVoFwcw6SH8GUpU6-8QB7s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQp6XVoFwcw6SH8GUpU6-8QB7s
Request Chain 659
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_cver=1&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX
Request Chain 660
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECnH0nagbSbqmBKobn_J4eo&google_cver=1&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOPJjyXU24fszf HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOPJjyXU24fszf&google_hm=8754594ed3efe6a5056aec7f
Request Chain 661
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAqhLcoVdmiIKiGKSos2c8s&google_cver=1&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71FOu7NXQbzSGPj6h9jjs3aWoBUP4MWLnpc6ewfViEO94s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71FOu7NXQbzSGPj6h9jjs3aWoBUP4MWLnpc6ewfViEO94s
Request Chain 697
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3352060286983397244&dongle=d407
Request Chain 700
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AADQWk7EhRsAADM05_FC3w&dongle=bzwx
Request Chain 701
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=21249a50-af1a-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Request Chain 702
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=fae8f556-3ccc-47c6-b074-efc69daedc15&dongle=31ac
Request Chain 703
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YkKNVwAQitH7mwAy&dongle=3c0a&gdpr=1&gdpr_consent=
Request Chain 704
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2467237507975114060&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 705
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f9115326-c831-4821-56a2-54779e58d4ec$ip$217.64.151.30&dongle=4430
Request Chain 706
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=050d6242-8d57-4900-b380-362d6e8120ae&dongle=3995&gdpr=1&gdpr_consent=
Request Chain 723
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Request Chain 724
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=052705a5-42da-4d37-a482-89ecf083ec49&dongle=8f7
Request Chain 726
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=x62rmsn7qp_c-qacyKyymJKqq5zcrKqZxPngpFkc
Request Chain 727
  • https://sportradarserving.com/sync?ssp=triplelift HTTP 302
  • https://sportradarserving.com/ul_cb/sync?ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7963&xuid=2f7fcda1-eb79-4a1d-acd7-1fa01c24031c&dongle=3oy7
Request Chain 728
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=Eypoixf11Nz3D45&dongle=465e&gdpr=1&gdpr_consent=
Request Chain 729
  • https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3642358105815023776598 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Request Chain 731
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3642358105815023776598 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3642358105815023776598
Request Chain 777
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent= HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=diucXp8sRCJd7EXkJGJV&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
Request Chain 778
  • https://www.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=37cf273d-6031-4a9e-b4c2-17b86d952301&dongle=c7e1
Request Chain 779
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=1%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=d4499d32-bbe3-4981-9484-a62e6b593966&dongle=9e4f&gdpr
Request Chain 782
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=1%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D5b4qZxfLLIJe%26dongle%3D8bee%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=5b4qZxfLLIJe&dongle=8bee&gdpr=1&gdpr_consent=
Request Chain 784
  • https://ums.acuityplatform.com/tum?umid=23&uid=3642358105815023776598&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3391&xuid=659356420806&dongle=6f30
Request Chain 785
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=8D4CCE8DE2E3495EB286D967A4F31EE0&dongle=yf3
Request Chain 786
  • https://sync.1rx.io/usersync2/triplelift HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1330889337 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2666c1fb-f4ba-4414-8244-b277cf67c3f8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003&dongle=2dcc
Request Chain 791
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:050d6242-8d57-4900-b380-362d6e8120ae&gdpr=0&gdpr_consent=
Request Chain 793
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5446892411108895198
Request Chain 794
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7080376990466177175
Request Chain 795
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 796
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=050d6242-8d57-4900-b380-362d6e8120ae
Request Chain 797
  • https://pixel.onaudience.com/?partner=214&mapped=A90510C5-1356-49F1-9108-77B091D3BC11 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=2666c1fb-f4ba-4414-8244-b277cf67c3f8&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2f9bda9ec23d04ae/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=2f9bda9ec23d04ae/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f54018147d2022c4ff0b03d4b9e9e81d&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2f9bda9ec23d04ae HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-4188cab5dd77&zcluid=2f9bda9ec23d04ae&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL2zJxijDaxSuTkzrXn434s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-4188cab5dd77&zcluid=2f9bda9ec23d04ae&zdid=1332
Request Chain 798
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTkwNTEwQzUtMTM1Ni00OUYxLTkxMDgtNzdCMDkxRDNCQzEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 799
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQrpzz44WKAjEFnSyI0CCw&google_cver=1
Request Chain 801
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5971110037465093560
Request Chain 802
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2666c1fb-f4ba-4414-8244-b277cf67c3f8
Request Chain 803
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2467237507975114060&gdpr=0&gdpr_consent=
Request Chain 804
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D
Request Chain 806
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A90510C5-1356-49F1-9108-77B091D3BC11&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xshEIP5E2uWVgAiJb6Ip_GdTxKEs28M-~A&gdpr=0&gdpr_consent=
Request Chain 807
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=31d00b96-3422-48c5-b78f-eda5aecddcf4 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=31d00b96-3422-48c5-b78f-eda5aecddcf4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=c5f996f7-093f-4a17-a817-258d0bb7ae1f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31d00b96-3422-48c5-b78f-eda5aecddcf4&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 808
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c6f31ae-13f5-4f36-ad98-b1cf028addec&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 810
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&dcc=t
Request Chain 811
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkKNV79poFf3MCPgFLG1.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN3aOeGRk-LWF34R9NjIziA&google_cver=1&gdpr=1&google_hm=2
Request Chain 814
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=h4Li1onU49Oc1e_QiIP71NKF4tCcg-PVhNYm8eSR
Request Chain 815
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7eacac0a-ee0f-40d8-ac05-58180a0a95b2&expiration=1680064732
Request Chain 816
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 817
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Eypoixf11Nz3D45&gdpr=1

827 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mustsharenews.com/spf-arrest-scams/ 		183 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6ad3591cb930c5dbf80b6133e778a96c776dbb2888c5e211fa21496fdb763a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding,Cookie
Cache-Control
max-age=600
Link
<https://mustsharenews.com/wp-json/>; rel="https://api.w.org/", <https://mustsharenews.com/wp-json/wp/v2/posts/326555>; rel="alternate"; type="application/json", <https://mustsharenews.com/?p=326555>; rel=shortlink
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp%2FlVRGEmOLD6TNMafNN1dXz1CdnED4QAfbnHKrEF0JgwFOjn5ERVv2EaCUBZlL5xbXZNA4hOG26AsQLRk4EbVJNRdWtsOn2yRQ9gphgQOp0ncpfP8bvEQutibbHfKCjBSKisGYVwmyI2g%2BqqJcV"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6f35eaf4ec78599b-MXP
Content-Encoding
br
style.min.css
mustsharenews.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.4
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 19 Jul 2021 00:56:57 GMT
Server
cloudflare
ETag
W/"13abe-5c76f69fc6840-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auF3T262fRXsnWixTwif8qdUf9lDQerkhbgz0B1DIlzQSuSkRvjXKrG78ImWWSyyDkOw86gOgmMTaJJZjT1cwyv0t0bXxhOZqetMU7ZFIn5IWmZMEkTM1Z00eznlsbpJLXgrxA2naISU1myt%2FzoX"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf65e2b599b-MXP
mediaelementplayer-legacy.min.css
mustsharenews.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 29 Sep 2020 15:53:06 GMT
Server
cloudflare
ETag
W/"2bf8-5b075c75d5c80-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAmx9NfsQNukuIOg78N3TSC48kHlTlF8tjB8D0zkcLOOowItX8rCgg%2BSrfo3V0b6H107UgknudVIfok7OZpdHBsLREwMW5CO2o0EcoAND%2BVu4wSkVZwZF1wLGRXeqWIMQuU7QIvgfmJJUvTCWSLw"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf67e5e599b-MXP
wp-mediaelement.min.css
mustsharenews.com/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.4
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 07 Jun 2019 20:45:02 GMT
Server
cloudflare
ETag
W/"105a-58ac1e7924f80-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cI%2B4I1hpZvcsS5%2FUj1g8VECsh4cbvRSWaGTJmrRG5qlmrKLKxbHkj8y%2BWfKpZd7zoO1eoUbzZ%2B2pIySjytDowABWo3AzkvCY2N5OQNMTETB0SacsdEHF50EUzlrvT36Qp5Vx8foqQ130aArqutB"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf6885959ad-MXP
styles.css
mustsharenews.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Cf-Polished
origSize=2731
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 08 Mar 2022 10:41:59 GMT
Server
cloudflare
ETag
W/"aab-5d9b2a17473ae-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pjuPYm27DhL1sEFVxJBQpwAW9hP5ku1qmafkNqvDy6s2ebNHLz3Qb4skwDW6e3NGCq3Q8rK1t28K557I5888X%2B3VKuLg%2BcNzmKjNI6pZ7B1odD5yWKAo6A9w6jnTUNuzwG1J6EYfNYZmvuBsjZt"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf68ad459d1-MXP
Cf-Bgj
minify
mashsb.min.css
mustsharenews.com/wp-content/plugins/facebook-sharecount-plugin/assets/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/facebook-sharecount-plugin/assets/css/mashsb.min.css?ver=3.5.7
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4832891f440eef69f6db3572ef7fc3e69f6635bf0d56af126b3930c0a5070e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5712
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:22 GMT
Server
cloudflare
ETag
W/"b75f-5cae1efc9657f-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwMmMcqfCgBiyQPJcXAkpB4ADqamwNAgFEio%2Fq8aq76CGceTTH1TEkjyOcjir9ryPOFHa3esFfXa05FGtwy1MgHL50F7z7P%2BO62xwNp5AlZ8G6yMIHvayfmF%2FprK%2BOWUmep9lafgWaurvx2KBmPv"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf68bf58397-MXP
mashbar.min.css
mustsharenews.com/wp-content/plugins/mashshare-sharebar/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/mashshare-sharebar/assets/css/mashbar.min.css?ver=5.8.4
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa9346d4445de08b9e12c573d88ec23c986a390c018b46bc2d0286ae4922b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:33 GMT
Server
cloudflare
ETag
W/"58e-5cae1f06ebc34-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecZsmD8pt%2FNgSsLTumTJLlHIxtEiRMyqL8fzZrXwLAophv0AT9vWiEgkcw5VboHO9C%2FEdK8MwnB%2F98Niww9ModuqDRDzV6gyPfgpNKhot%2F%2FuuzuZwjaujRo%2FSfRZVG5ga%2FzykVnt2Qh%2BpgnRLQJq"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf68902374b-MXP
style.css
mustsharenews.com/wp-content/plugins/td-composer/td-multi-purpose/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=9e241c87ee8782e8f19bb886a935e653
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6423be11726e1e0b4634c6eff293988080151402a0b5fa202b0d3ba768053261

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4
Cf-Polished
origSize=70108
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:49:57 GMT
Server
cloudflare
ETag
W/"111dc-5cae1ee4a79a3-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EF1TFYjCvN6IsIE2T42CvUoxg6j7eXQJXNigdBTuZYco6jfIleo7d8MK6vl5QdmySkhKRAHQTLKkYGddTNV1%2FhkUC%2BHraIxZqjEI4vQkUI1wTH0IWnIXAV8WzdVJy1aFMtP1eqIqyYQ55Qsd8Zt1"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf68e29e8f7-MXP
Cf-Bgj
minify
css
fonts.googleapis.com/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5ecac81bed7e5fdbcd9b8d8caf945748cf52ec470f69451828579b97c29b78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 04:38:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 04:38:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 04:38:45 GMT
style.css
mustsharenews.com/wp-content/themes/Newspaper/ 		903 KB
102 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/themes/Newspaper/style.css?ver=9.1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be624c6915035ad35c909f2470e9002f2f81b6b719b991f3bfc32386e3bc6ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Cf-Polished
origSize=1229551
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:49:26 GMT
Server
cloudflare
ETag
W/"12c2ef-5cae1ec7010f2-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvFc3wAUrkqvZJm8KLc5y15lQJ0jGZyM2xs6tHBRku2WhIINht3fwqdg5raNPj2bki8LwRy9nPgfdKpSl8c60OjMvxjkXx2dMRvwlkmkLpAr%2BOvIIUSLsUL%2FRWhbSbrhRv42ttzVfLQln%2BSCzKB5"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf6ae9e599b-MXP
Cf-Bgj
minify
jetpack.css
mustsharenews.com/wp-content/plugins/jetpack/css/ 		86 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.7
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26aba82da1d312d1dbc9358d949d7c63465f31da706b44aa0394f6bc70c0c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Cf-Polished
origSize=87940
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 08 Mar 2022 10:42:30 GMT
Server
cloudflare
ETag
W/"15784-5d9b2a344bbf7-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0GfyyH%2FjfAI9o8H5T%2Bwt%2BuoDRXyemFCym3vrLY1toCajohjk9tLWVr3aqtPVjUmsoatcFS1ZlxVD8WpjHestysk42Pu31R43%2BaVc9hfoDbYNOi8iufFUg%2BmvPJp%2BHnR%2BEMOBg2qf4DL4rvF7Rck"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
6f35eaf6b8a659ad-MXP
Cf-Bgj
minify
jquery.min.js
mustsharenews.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 10 Mar 2021 15:07:24 GMT
Server
cloudflare
ETag
W/"15db1-5bd3006388300-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEXfrGCLyppi%2B6Pun9Veqq1cXc5ETxniomcZsDDRTDAc1C6wU4A844HFFCNkayOhXVpsgROHhAEq7Mw98mV7bZI2dKjFCbNavsgPXVPTy27lpRDmxiBMg4pthl67sJR%2F0G9OBOT7tFAxxTyLmWvr"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6b92a374b-MXP
jquery-migrate.min.js
mustsharenews.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 18 Nov 2020 09:06:06 GMT
Server
cloudflare
ETag
W/"2bd8-5b45debe27b80-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLhAAvQBBt3G7wVEsGX6Vh761bsz8Ai44olbxX6brrqOb6HB8%2FDA5hWkOS9WC4tId9wAYfYcHyI49hbjDGCDlbdALHJ0ko%2BZwtEUt0dIAxfLd3XcI4nJ4sGRnsKV%2B0jQvkjpuvpv68P7GYl8s1dD"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6bb1259d1-MXP
mashsb.min.js
mustsharenews.com/wp-content/plugins/facebook-sharecount-plugin/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/facebook-sharecount-plugin/assets/js/mashsb.min.js?ver=3.5.7
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee12b93ba50a11840fa569d1a4d299a2a044b0c4e16adc69e769c5846c22daa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1598
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:23 GMT
Server
cloudflare
ETag
W/"f7a-5cae1efce66b3-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjUTP9cTjKTVGWg7f7TnGtWxCRsGGk1hf5ez3LvdUifV%2BdJWwPgJNMenKSy9EDFIC31Xpwvuo71DqU%2BDyz24uQBjVD1mz2N6ktxyq8VMieaXtNj9R9qlFug9gbxh6wf2%2B5nTXM%2F%2BItRSj5iGorS9"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6be4de8f7-MXP
mashbar.min.js
mustsharenews.com/wp-content/plugins/mashshare-sharebar/assets/js/ 		803 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/mashshare-sharebar/assets/js/mashbar.min.js?ver=1.3.9
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177d03a93d5bcfcf091484b3da03592467931ab06aa64492c229c3b7e293470b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:33 GMT
Server
cloudflare
ETag
W/"323-5cae1f06ff4b1-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bascSNMNh5LZXtn9MSD8rOjBrHrPNmDnBAeXzoH6tNZSSbFg2BtOQZQ0rejepwZvY9TOK69n07qXIjogoGqVC92ndB9M71aE3rFdGNCS7RAPOqcsG8OXLEcT9fzQuEbZtVM2qllIkT6y4l5Celh9"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6cc788397-MXP
smush-lazy-load.min.js
mustsharenews.com/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.5
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Sun, 06 Feb 2022 12:48:22 GMT
Server
cloudflare
ETag
W/"1ef2-5d758e62df37d-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPUUtbs%2FxoZygu067IWpv8wAlAJ1fYmpfN0oPgDJgkTKjQpPlTB%2Fnf4f95tn6mHtTxJqejpf7UgCJeaqWOE48BI6XUlFTL52B1iuN3NzE2LDjL6ErkS%2FDvXfSOy6h%2FUGFuCD0dTzJyX0%2Bhz50Anu"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6e8f959ad-MXP
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54789758-1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
001f04b6bcc2dfe221c9d9c58278ad907ab8aee7faa83a9e5ac9cbd66b38a644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37770
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 04:38:45 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c607a5916fd05f9012c1a9c6be0871fa1c098d53c124959c01ed3b48c45c051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53784
x-xss-protection
0
server
cafe
etag
16072258401545433373
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:38:45 GMT
ats.js
anymind360.com/js/1816/ 		166 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/1816/ats.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22d020772d4885ac0ed5f7913304e8eb6e161eb32d3cc658e725959a0955a79e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
fastly-original-body-size
31057
age
44521
x-guploader-uploadid
ADPycdvw9QwhGO4-sZAoG-qVIEGo3E9Dx3oN_GtyJPAzzXTIvynoKxmvkOOYg__Yy8PkBKbvECQGmdlF_gueglMm3vqwGfgQsQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
31057
x-served-by
cache-tyo11927-TYO, cache-mxp6952-MXP
access-control-allow-origin
*
expires
Mon, 28 Mar 2022 16:16:44 GMT
last-modified
Wed, 23 Mar 2022 15:08:55 GMT
server
UploadServer
x-timer
S1648528726.536140,VS0,VE1
etag
"bea19ce9cd828a49384d36455fd14ae5"
vary
Accept-Encoding
x-goog-hash
crc32c=bV9Wkg==, md5=vqGc6c2Cikk4TTZFX9FK5Q==
x-goog-generation
1648048135880897
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=43200
x-goog-stored-content-length
31057
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
1, 1
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
470c5074c671f376d6f3ac789824ebf538f6188ae517f8495696d11d0ad351b5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10331
x-xss-protection
0
server
sffe
date
Tue, 29 Mar 2022 04:38:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a24217a6b0130710"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Mar 2022 04:38:45 GMT
regenerator-runtime.min.js
mustsharenews.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
6540
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Jun 2021 00:06:13 GMT
Server
cloudflare
ETag
W/"1906-5c563acace740-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt65MlnfRmCztWJu5hldTiUH0R7BFbvF2Xtyi1HQaxkyCRxd62Srdv2qbzQWAnY%2F48RdHo6uaG5xPoNo7lJmy4kP%2BjCYlddkhXeUIzjSHamuI1CwxguVXAlNxyJs4ldV2vMQKrfAKOMmfBQqBqML"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6ee6fe8f7-MXP
wp-polyfill.min.js
mustsharenews.com/wp-includes/js/dist/vendor/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 14 Jun 2021 23:18:11 GMT
Server
cloudflare
ETag
W/"4056-5c4c2122a12c0-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BmbPEjMoaeurPVLLOEw5IsSVM6bdQmEhiKugljBGuqGECVxBLbCx%2BMXgXb30apcAJsck%2BVlkohWZ%2B8l7adYGe4rXQWJ9JE%2FTS8tUlF2PF7nvhhKHIQbqjDjKf1m%2B3nuWjqbxufBrysFWeX6Bkzw"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6f965374b-MXP
index.js
mustsharenews.com/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 08 Mar 2022 10:41:59 GMT
Server
cloudflare
ETag
W/"25f8-5d9b2a174834e-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUPrDwbF%2BnjiP83sKWw1sHAD6IXhVEtlmrbYv3fts5xibLVYvVAF1cztzl7k6AzA%2Fb7w7ktQLcgLj%2Fysn3PnTSjTEGhGYFCIYpd7mhQvCBhEVBLFcUuDfkTYSvZ4kHGu%2BUpvyMlk6Md8B8tx537b"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6fcc18397-MXP
Cf-Bgj
minify
tagdiv_theme.min.js
mustsharenews.com/wp-content/themes/Newspaper/js/ 		215 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f550edcd8ddd3406cf76d5043489a7344ba8fac4a51a2e13bdd6eaeca5629369

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:06 GMT
Server
cloudflare
ETag
W/"35d8d-5cae1eecd3536-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6oXpCL%2BcZIizbxRWnY6x9xunHCFCOD8HNj%2F4OBbmTWXuSjVy4120rzbHCMgtQkSYIJaljEHG7NaQQ0z%2FEQxPjEsnXfYmy6Qf%2FVje8LQLwdAuoONR1I30NK0%2FC4rw4WER3g6AeTVhAP%2FpZS0m%2BpW"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf70b9b59d1-MXP
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&ver=3.0
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0071fd6b2bd57ac47bfefa8744308f8fb5367192a787bb3ddca9c48e51ff3545
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Tue, 29 Mar 2022 04:38:45 GMT
index.js
mustsharenews.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		999 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 08 Mar 2022 10:41:59 GMT
Server
cloudflare
ETag
W/"3e7-5d9b2a174a28e-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1XUnfUDb4nei8CffeiYMBoxc4Y%2Bv3J%2FV6Qp9eLprWun2vBeOhbZobtSIgcVxF8GbHxtiLD6f8nLv5asK7eXgSywlbGNpPNFsWeNqNmCD9S5LP030X%2BXbK7kMx3kaWYowK%2FTyAC%2FZclPwemF4pPr"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf6ff17599b-MXP
Cf-Bgj
minify
wp-embed.min.js
mustsharenews.com/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2068
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 15:29:24 GMT
Server
cloudflare
ETag
W/"592-5b83cfce57d00-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wyn09BMi0IYT%2FS4cKNebV2iz95035%2F5MkosACOdi6O3nQu%2BeTu%2Fj5tZB7nt9eLi4mTeMcYyU0uUpLeHnKzXwxXxD1GxBP55qjZqX8g65B2OTXkLtu6%2F8XYkqey%2FwzQVbwz%2FcNnDCATZBILT2xbh8"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf7093d59ad-MXP
e-202213.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202213.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 20 Mar 2023 07:02:07 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2039
date
Tue, 29 Mar 2022 04:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 29 Mar 2022 06:04:46 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8187ce6268c7ec4b13ff2b76ca711cbd3d2bb080ed02b126f533c9d1a8307939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gYMiisjcdU5TD8+TZ+J8Aw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1684
x-fb-rlafr
0
x-fb-debug
xjDUTUYBAfMPQ5pHDchRq43EvQozYUyT6hmO0FKwPlPxIv+/qsmbMAqAWo2hczmjVtkLtbALVdaIzym8DwyN1g==
x-fb-trip-id
917726464
x-fb-content-md5
5074336e33dad9c35a8c2049b7c3a3f6
x-frame-options
DENY
date
Tue, 29 Mar 2022 04:38:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"96e210fe31d99349a84fba7754d930d4"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 29 Mar 2022 04:49:43 GMT
wp-emoji-release.min.js
mustsharenews.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
6540
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 08 Jun 2021 22:15:12 GMT
Server
cloudflare
ETag
W/"4705-5c4487ddedc00-gzip"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhc5%2B7K161iIOr66gYmQO6ga5mNXdET%2BWbPHKATe2VY0tGcSEv4I9w2NPXNKI%2FtPOMspcKRllJjtXfR0fzh26lOstrFTh7isqtUWgqbO3E9OoqW%2Bm0BPwBTJ2eBW%2Ff2%2Bi9bbpHsLLdkTRuch6E%2B%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6f35eaf74bf459d1-MXP
gtm.js
www.googletagmanager.com/ 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFFLZCT
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c94c1fdf97052265c8a11d46b749c01ad62d34e8ae33e7c6fd63d284fc8ad89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39894
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 04:38:45 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158497/5984/ 		245 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158497/5984/pwt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 07:01:22 GMT
server
Apache/2.2.15 (CentOS)
etag
"15c1e33-3d366-5d07de90548cc"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=112867
accept-ranges
bytes
content-type
text/javascript
content-length
77259
expires
Wed, 30 Mar 2022 11:59:52 GMT
smart.js
ced.sascdn.com/tag/2060/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/ats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-197.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41c9b724c00dba4554fa04b5637b2fec7b9067f208d11a974cbc4dd608de787d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
30865
Expires
Tue, 29 Mar 2022 04:53:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
TqRaqgfFFv2f6DRDSZe4RZ0/gnQXqKOcJExKCgo3DLd5k/PrTOdpY57XLcOhWlcZ20YxL8bJW8dNjioSG/Fkzw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 29 Mar 2022 04:38:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
newspaper.woff
mustsharenews.com/wp-content/themes/Newspaper/images/icons/ 		22 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/wp-content/themes/Newspaper/style.css?ver=9.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Referer
https://mustsharenews.com/wp-content/themes/Newspaper/style.css?ver=9.1
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1745
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:51 GMT
Server
cloudflare
ETag
W/"5630-5cae1f17c0374"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbTfhc%2F1KO9qi8Vmzxx2HvaEQNEcY6KwNZMNRUqxGmZZkINf9CohwpH1syzTS%2Fekurw4SuA35UQgfKdsxSC4M6C8iKYliBEocQgU%2FhQbMli%2BUZN7Ncv5Jr7WvIRHfBqOF%2FMgAN%2Bg7KZqboDczbwg"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Cache-Control
max-age=14400
CF-RAY
6f35eaf759b759ad-MXP
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:39:33 GMT
x-content-type-options
nosniff
age
460752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 20:39:33 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:22:37 GMT
x-content-type-options
nosniff
age
494168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 11:22:37 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 20:07:55 GMT
x-content-type-options
nosniff
age
549050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 20:07:55 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:18 GMT
x-content-type-options
nosniff
age
515127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 05:33:18 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
539595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:45:30 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 21:26:13 GMT
x-content-type-options
nosniff
age
544352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 21:26:13 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:46:00 GMT
x-content-type-options
nosniff
age
539565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:46:00 GMT
Logo-red-cropped-181.png
mustsharenews.com/wp-content/uploads/2018/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2018/10/Logo-red-cropped-181.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b76b2df4b5c17bb821b7d35a73bb35c2f0a2d3242042898af129b5d5638678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3476
Cf-Polished
origFmt=png, origSize=2288
Content-Disposition
inline; filename="Logo-red-cropped-181.webp"
Connection
keep-alive
Content-Length
1586
Last-Modified
Tue, 31 Aug 2021 22:44:52 GMT
Server
cloudflare
ETag
"8f0-5cae2b2b1450e"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVupnxwG8GFgr0aJ8WnvXjDBBzV1wASgEnbrmrBev1BkTKykyijpBn7l6cl6upmaQ59FY3NKfc6QhFhxD9pZmVGDE5FVis99f0FtprrPCYy2BJxqCVW87mc1v%2B9IQhBHws%2BlW6XZI1PH3HdzE9FJ"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf81b0e59ad-MXP
Cf-Bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&ver=9.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
553136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 18:59:49 GMT
librefranklin-regular-webfont.woff
mustsharenews.com/wp-content/uploads/2018/10/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/uploads/2018/10/librefranklin-regular-webfont.woff
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0458df465ed91976d098c684ee1ece072857ec798dfa003f2d66f2702c8bf562

Request headers

Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1745
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 22:44:46 GMT
Server
cloudflare
ETag
W/"7a88-5cae2b24c428a"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Bu%2B%2FchuDyV6Qet4z63rpgiIpyJaTCboWnPF6233hh63D9Ti42pasnXI1MdMhBm0e2I2%2Bxr5sWQVSGzQRDsPLZSgj6hgQgDxwT%2BujdazgOErv%2Bswf3rbK5ZVt1UESPj8xcrsX%2FNDFJiRMdabgXLL"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Cache-Control
max-age=14400
CF-RAY
6f35eaf81d2059d1-MXP
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Referer
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
application/octet-stream
102.json
id5-sync.com/g/v2/ 		212 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.110 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p23.id5-sync.com
Software
/
Resource Hash
f2116afe23c229e57e1c07df9a5ebe8f92ddc13af3d9d945f646c4e68b1e5984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://mustsharenews.com
Date
Tue, 29 Mar 2022 04:38:45 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
call
adnetwork.adasiaholdings.com/2060/
Redirect Chain
  • https://adnetwork.adasiaholdings.com/2060/call
  • https://adnetwork.adasiaholdings.com/2060/call?cklb=1
2 KB
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Protocol
H2
Server
47.74.174.177 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
7aa4991e4225151b3e5ec5d9b58651c46f859bc0731bf5c567fab4bcc3db1753

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
location
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
call
adnetwork.adasiaholdings.com/2060/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.74.174.177 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://mustsharenews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://mustsharenews.com
vary
Origin
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 		296 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c46eb0b5f03a7abb03d4c8727bcff2dea9fbf083f80b600031394d77a708564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109242
x-xss-protection
0
server
cafe
etag
8344563949400424721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:38:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/ Frame 8AF3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 28 Mar 2022 11:23:19 GMT
expires
Mon, 11 Apr 2022 11:23:19 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
62126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/en_US/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d9362a71bbaee931e1dd2aefe8db602d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63ca8ae47824358ce0a1806051d30aef04b47a8562545985ca94ec7d4b3cdb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mustsharenews.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Z+EMErZrHedigVKyGF6H7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84113
x-fb-rlafr
0
x-fb-debug
wogBtGm4lzJGL9YwkubCeO6u+m3fxEXnTIwZGEQdrbg3GNPPPwvGfUuH7dSaJ2PFukxAdUTUITrpGImUt7T7EQ==
x-fb-content-md5
353470cec86d0dee9b62468f22a4d251
x-frame-options
DENY
date
Tue, 29 Mar 2022 04:38:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e55ebbdaff7f47e41b8e4d21366cb541"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 29 Mar 2023 00:58:21 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 		361 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mustsharenews.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145570
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 04:03:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:12:31 GMT
1346928215461600
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1346928215461600?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f3a0d186e152bbeeb7b23ff5a10baa2b10213413dd9b762e5398fe0108b2230e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
hAUF13InPDjUX1VgsHDQMw6BPp70vD0dYh5nOda7DAMIkO2/B5h6FzxMXpO1y0gHzj3ZB5jIBPLRxw6nEgf16w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 29 Mar 2022 04:38:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=221674520&t=pageview&_s=1&dl=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ul=en-us&de=UTF-8&dt=35%20Arrested%20In%204-Day%20Operation%20Targeting%20Scams%2C%20SPF%20Cautions%20Public%20To%20Stay%20Vigilant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1822678452&gjid=227653336&cid=987807505.1648528726&tid=UA-54789758-1&_gid=999588512.1648528726&_r=1&_slc=1&z=191862812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=221674520&t=pageview&_s=1&dl=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ul=en-us&de=UTF-8&dt=35%20Arrested%20In%204-Day%20Operation%20Targeting%20Scams%2C%20SPF%20Cautions%20Public%20To%20Stay%20Vigilant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=282676292&gjid=1228106330&cid=987807505.1648528726&tid=UA-54789758-1&_gid=999588512.1648528726&_r=1&gtm=2ou3n1&z=904238574
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
8a0b50970cafca56cb8591d8f0752fd06d3eb749b83ab20603eb6d13b261faa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28080
x-xss-protection
0
server
sffe
etag
"1172 / 74 of 1000 / last-modified: 1648505260"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Mar 2022 04:38:45 GMT
prebid_2022_3_23_15_8_51.js
anymind360.com/js/1816/ 		279 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
781b0aebb68349b18b83b4e19968ee2e54f02c5ec8a83af982d3a30e3635cd27
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
gzip
fastly-original-body-size
88581
age
393954
x-guploader-uploadid
ADPycduJQXBzv99InK6Pp1CwT8FO2w83w_iVSoDXqYp9tW3iwaWwYIyRP_fj8AOWSpZVLRSRCOiWiaAF2KgLf56WoA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
88581
x-served-by
cache-tyo11937-TYO, cache-mxp6952-MXP
access-control-allow-origin
*
expires
Wed, 23 Mar 2022 15:08:58 GMT
last-modified
Wed, 23 Mar 2022 15:08:56 GMT
server
UploadServer
x-timer
S1648528726.969340,VS0,VE1
etag
"68c4a3413ea3e9e988ef7a46b8367101"
vary
Accept-Encoding
x-goog-hash
crc32c=+q4gPw==, md5=aMSjQT6j6emI73pGuDZxAQ==
x-goog-generation
1648048136036494
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
88581
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
1, 1
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=74748731&post=326555&tz=8&srv=mustsharenews.com&host=mustsharenews.com&ref=&fcp=516&rand=0.4594228186542788
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:38:45 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fbb6ac2042370cd1852813ccf8cc97aa9029eeb074ffd9509eeca2c123690aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mustsharenews.com/
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Wp/7Vp0EotoUzOsJUBhIjg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
/6sWQJvi4KH70igJy0almfkmhJ+s3LNQpfTUIsgkX1eXCLQ9xbPQlAZcMbU8e2uep5u1/NtcdwavgsyL6ZN8zg==
x-fb-content-md5
49b699b8c6e5334a10b569985c7168a9
x-frame-options
DENY
date
Tue, 29 Mar 2022 04:38:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0efa6a820ad9c4bf742391f296f4052b"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 29 Mar 2022 04:55:52 GMT
MARKPRO-BOLD.woff
mustsharenews.com/wp-content/themes/Newspaper/images/icons/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/themes/Newspaper/images/icons/MARKPRO-BOLD.woff
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7717c168fd31fdf0d2570a034cf1f419648556b8bbe9e081788df0f4e0fa60ad

Request headers

Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1276
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:51 GMT
Server
cloudflare
ETag
W/"7304-5cae1f17a7cd8"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4NSnbTQZ07i6hVHsBAsqAmarqlQNaGNWWBA0irEkVEAFUF8p4OkcfEGsfwQzEhDre0mrPnaqxS2neBorIxDfvft%2B0QCNf7u682VSkRs0JwCkIhVB973YFypTQyX39T%2FfylB5GGnuvhmkaOVn75g"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Cache-Control
max-age=14400
CF-RAY
6f35eaf98f1559d1-MXP
MARKPRO-BLACK.woff
mustsharenews.com/wp-content/themes/Newspaper/images/icons/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mustsharenews.com/wp-content/themes/Newspaper/images/icons/MARKPRO-BLACK.woff
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0746aa0afb2c133deb583b50dbde1ea6bef2b5371006723f7304f8dc5a11ad23

Request headers

Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Origin
https://mustsharenews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1598
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 21:50:51 GMT
Server
cloudflare
ETag
W/"fe3c-5cae1f17a9c17"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li%2Fgqg4kwvCfeMfUJEZLR28NW1ZgAf%2FjmaQy%2FG0zLU4h2xv0TIzcUhTa%2FyJy7uae4zMdNGf%2BUp7HnVgfCuBzYvBm2ADypwPMZVgygGtgxLgp%2FBJFPP%2BzTuNQXbxTzva%2BgIBIwBC4HQ8ieGe%2BOAiH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Cache-Control
max-age=14400
CF-RAY
6f35eaf97d2259ad-MXP
MSNews-Banner-Mobile.jpg
mustsharenews.com/wp-content/uploads/2021/06/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2021/06/MSNews-Banner-Mobile.jpg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b602ead2a1b4f31efca9627e70bcbb98eb1b2287e04f3eb933d4a62aacfd51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Cf-Polished
qual=85, origFmt=jpeg, origSize=61499
Content-Disposition
inline; filename="MSNews-Banner-Mobile.webp"
Connection
keep-alive
Content-Length
6846
Last-Modified
Tue, 31 Aug 2021 22:59:36 GMT
Server
cloudflare
ETag
"f03b-5cae2e75ab3de"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZKD6xz9NtGf6B8HiADOpC%2BWqcNolD4XvthMCpqP3F4gl%2B%2BRM67f2QR%2F0gcd37PyQGGNhquXmeN5hJAHJymGxaUoQL9DLliHtRPIpT9EJ0WP5xM4FCtewPRBxANpvVa9jx08LTwqVkF%2FHPM6KH%2BO"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf99b48599b-MXP
Cf-Bgj
imgq:85,h2pri
MSNews-Banner-Title.gif
mustsharenews.com/wp-content/uploads/2021/06/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2021/06/MSNews-Banner-Title.gif
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0daf43c2398393b4b614f18d2f739c22d6f99cffbd2516ffbe23e6f294470c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3477
Cf-Polished
origSize=8527, status=webp_bigger
Connection
keep-alive
Content-Length
7326
Last-Modified
Tue, 31 Aug 2021 22:59:36 GMT
Server
cloudflare
ETag
"214f-5cae2e75aa43e"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrNHEwQoID3jhHq9Fi6oUVti%2B%2FaK6k5iUEJYjnD0aOYEeSPSkWk%2Bt4fBb%2Fz0Twxa21Sz%2FllilJq8NDmAAbYZkRQ7JTVD3kpHBSGfTbL86enT3OJkor%2Fgkig9IaYCHmytK%2F%2F68m3Fk0DhDmR0f2gY"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf99d6c374b-MXP
Cf-Bgj
imgq:85,h2pri
Banner-Facebook.png
mustsharenews.com/wp-content/uploads/2021/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2021/06/Banner-Facebook.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35372eb43dde22c2b729cfd13376c853c0a44d60a478ac5167e57f8b7a4952d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
764
Cf-Polished
origFmt=png, origSize=10271
Content-Disposition
inline; filename="Banner-Facebook.webp"
Connection
keep-alive
Content-Length
3460
Last-Modified
Tue, 31 Aug 2021 22:59:36 GMT
Server
cloudflare
ETag
"281f-5cae2e75aa43e"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ56IOn72FiEmZJQjO9obwNe8nyyth0yv1l0ayPSLo0pMfLEsKuxilkL5ObQDZ2dnaSlh2FMIKqjmMmWvDuMaYIJ90DyC%2F0Ttpwc5eHYyQN1ulJXC405TlRDvqpgMUsjrIJCtL1FQSgzBvwE4x8i"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf9989a8397-MXP
Cf-Bgj
imgq:85,h2pri
Banner-Instagram.png
mustsharenews.com/wp-content/uploads/2021/06/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2021/06/Banner-Instagram.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2486a6cdf1597ce98cf07b9a39284472d19c2b75209ddcf960b635fa03b09376

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2410
Cf-Polished
origFmt=png, origSize=53209
Content-Disposition
inline; filename="Banner-Instagram.webp"
Connection
keep-alive
Content-Length
31502
Last-Modified
Tue, 31 Aug 2021 22:59:36 GMT
Server
cloudflare
ETag
"cfd9-5cae2e75ab3de"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FJ8jZ7EveZihUG8Z9O4Go9eJyduvg0fmb7%2FY907%2BZUEA6jgxRJpVAkrw4hJrzOajJfb2Iya8xyAmdR9m9XWHnX95KqR61KWWPIX60Jgh0IIrfxGfQp%2B5Hji27HdWpzB8ya9iBcYMAThSInU585d"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf99884e8f7-MXP
Cf-Bgj
imgq:85,h2pri
Banner-Telegram.png
mustsharenews.com/wp-content/uploads/2021/06/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2021/06/Banner-Telegram.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0451eb057f839276787041ff6afa9e97d2d815f21d46c22dfb3222bcc04956c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1598
Cf-Polished
origFmt=png, origSize=14046
Content-Disposition
inline; filename="Banner-Telegram.webp"
Connection
keep-alive
Content-Length
5472
Last-Modified
Tue, 31 Aug 2021 22:59:36 GMT
Server
cloudflare
ETag
"36de-5cae2e75ab3de"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbSe%2FZBhtrzB%2FPMk%2BLW2ohkyAWyzwbOPCrq1qWvbL0RgoM%2FBqXIgGNUK%2BallB4SaWALh7BvlSrDu5J8wOKFsfN0CovXf7qksM9elVCUKgtCJ5EC1QeCQM%2Be2EnPlBU%2BMt3gaMUwH3vrBCwdnkBXU"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf9bf5559d1-MXP
Cf-Bgj
imgq:85,h2pri
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=1822678452&gjid=227653336&_gid=999588512.1648528726&_u=IEBAAEAAAAAAAC~&z=1177187662
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Mar 2022 04:38:46 GMT
content-type
text/plain
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
feature-image-for-spf-joint-operation-targeting-scams-35-arrested-1.jpg
mustsharenews.com/wp-content/uploads/2022/03/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2022/03/feature-image-for-spf-joint-operation-targeting-scams-35-arrested-1.jpg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf7c39b1c04634e6ce785fdab6a4fb5708859c05afb6248d2803cfe5372f6f28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
qual=85, origFmt=jpeg, origSize=222129
Content-Disposition
inline; filename="feature-image-for-spf-joint-operation-targeting-scams-35-arrested-1.webp"
Connection
keep-alive
Content-Length
167430
Last-Modified
Mon, 28 Mar 2022 09:34:14 GMT
Server
cloudflare
ETag
"363b1-5db4403f843d7"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2Mc4cpYTnDwJV7CasCbKyZUVVpSINnQHRayrCFKkhZkJ0XCyRNkDUM4DlKR9LiJ7NE7b6hQ%2BzRgUdCwnO8jNbDrmgjzT%2FzWQnusE9M4BarWr2uBYKD5DJeH9T4Fmo0Wol1W9lEfKRIReqRc14Ts"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eaf9b8c48397-MXP
Cf-Bgj
imgq:85,h2pri
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=282676292&gjid=1228106330&_gid=999588512.1648528726&_u=YEDAAUABAAAAAC~&z=368840088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Mar 2022 04:38:46 GMT
content-type
text/plain
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmustsharenews.com%2F&domain=mustsharenews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://mustsharenews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://mustsharenews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1555
date
Tue, 29 Mar 2022 04:38:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccf30038abcbf4d0d612fc493c5bcd879dd1dd585ff7b3c7ca7295e73671da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5853
x-jsd-version
1.0.1294
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-cdg20780-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-iDmWE1MrMNrvMDkuXLj0/xquPQA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f35eafa2cc5020d-ZRH
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmustsharenews.com%2F&domain=mustsharenews.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ooxnfXx6ZFR4WWU2emxhQ2VaTHhWekhOWHVyMFNBL01HWjNQbDd2VUNVVEJFdXhSNEFJRi9RT20rQ2dVbE1VVnhpZXc2QjJubXJqejdXL2NPV2NHeGVLcFdzcjZobWp1TWViWXF5T3dhVGNRbFpoM0N5ZzREZTZ0SDB0WF...
358 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ooxnfXx6ZFR4WWU2emxhQ2VaTHhWekhOWHVyMFNBL01HWjNQbDd2VUNVVEJFdXhSNEFJRi9RT20rQ2dVbE1VVnhpZXc2QjJubXJqejdXL2NPV2NHeGVLcFdzcjZobWp1TWViWXF5T3dhVGNRbFpoM0N5ZzREZTZ0SDB0WFdXaFBCS3FhOGx3M0pNQzFLMzVsc0QycEZNQVRtcGROeUcxbU1XRW5MSXhVNnI0aFo3VE1GWU5xck1TZEp5YXMzMUsrODZOeiswV0kwTUNLMWVKMjdJejZLSUQ1SDM4S3A1QmVLYnM1ME02WSs0T0VObG95RUplNlIveDJVOFNkajZhMnRnN09ifA&cppv=2
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
22c96bdb3d49a5bea2f1650d38d6b96e6a7a5fc99046178a57b15594e0d44514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2659
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
location
https://mug.criteo.com/sid?cpp=ooxnfXx6ZFR4WWU2emxhQ2VaTHhWekhOWHVyMFNBL01HWjNQbDd2VUNVVEJFdXhSNEFJRi9RT20rQ2dVbE1VVnhpZXc2QjJubXJqejdXL2NPV2NHeGVLcFdzcjZobWp1TWViWXF5T3dhVGNRbFpoM0N5ZzREZTZ0SDB0WFdXaFBCS3FhOGx3M0pNQzFLMzVsc0QycEZNQVRtcGROeUcxbU1XRW5MSXhVNnI0aFo3VE1GWU5xck1TZEp5YXMzMUsrODZOeiswV0kwTUNLMWVKMjdJejZLSUQ1SDM4S3A1QmVLYnM1ME02WSs0T0VObG95RUplNlIveDJVOFNkajZhMnRnN09ifA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1688
content-length
509
expires
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mustsharenews.com
date
Tue, 29 Mar 2022 04:38:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
adasia-d.openx.net/w/1.0/ 		73 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eade41ef-42da-4afa-a604-fdb97c195856%2Ceade41ef-42da-4afa-a604-fdb97c195856%2C0a37326a-b85d-4716-8af6-89d4bafc8539%2C7da9df27-cbf0-466b-abcc-ecba26402c8a%2C8e0c1fef-6df8-4d39-9409-e399add5104f%2Cd9a5b31b-9586-4669-9c80-55c7250a7b2f%2Ce36a035a-ed48-45eb-862b-d0f4af560c4b%2C0220aa74-2a31-4ca9-93e0-d2f129289073%2Cb89f55e4-b54d-420c-b8dc-32b71e3c608b&nocache=1648528726086&schain=1.0%2C1!anymanager.io%2C1816%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x180%7C300x250%2C336x280%2C320x180%7C300x250%2C336x280%2C640x360%7C300x250%2C336x280%2C640x360%7C300x250%2C640x360%2C336x280%7C300x250%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280&divids=ats-insert_ads-1%2Cats-insert_ads-1%2Cats-insert_ads-2%2Cats-insert_ads-3%2Cats-insert_ads-5%2Cats-insert_ads-6%2Cats-insert_ads-19%2Cats-insert_ads-20%2Cats-insert_ads-21&aucs=%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid1_autoads%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid1_autoads%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid2_300x250%252F%252F336x280%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid3_300x250%252F%252F336x280%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_bottom_300x250%252F%252F336x280%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_right1_300x250%252F%252F320x100%252F%252F320x50%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid4_336x280%252F%252F300x250%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid5_336x280%252F%252F300x250%2C%252F21622890900%252C22537359798%252FSG_mustsharenews.com_res_article_mid6_336x280%252F%252F300x250&auid=543868331%2C541034920%2C541034916%2C543868352%2C541034923%2C541034937%2C556413115%2C556413116%2C556413117
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
0470e95f409786ee169149e6329c2c279ba31d169c3dbe8a1511f7c69487f535

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mustsharenews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=278128&zone_id=1946822%3B1946788%3B1946818%3B1946820%3B1946824%3B2264240%3B2264242%3B2264244&size_id=15&alt_size_ids=10%2C16%2C43%2C117%2C124%3B16%2C198%3B16%2C198%3B16%2C198%3B43%2C117%3B16%3B16%3B16&rp_schain=1.0,1!anymanager.io,1816,1,,,&rf=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&tg_i.dfp_ad_unit_code=21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid1_autoads%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_bottom_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_right1_300x250%2F%2F320x100%2F%2F320x50%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250&tg_i.pbadslot=21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid1_autoads%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_bottom_300x250%2F%2F336x280%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_right1_300x250%2F%2F320x100%2F%2F320x50%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%3B21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250&tk_flint=pbjs_lite_v4.43.4&x_source.tid=eade41ef-42da-4afa-a604-fdb97c195856%3B0a37326a-b85d-4716-8af6-89d4bafc8539%3B7da9df27-cbf0-466b-abcc-ecba26402c8a%3B8e0c1fef-6df8-4d39-9409-e399add5104f%3Bd9a5b31b-9586-4669-9c80-55c7250a7b2f%3Be36a035a-ed48-45eb-862b-d0f4af560c4b%3B0220aa74-2a31-4ca9-93e0-d2f129289073%3Bb89f55e4-b54d-420c-b8dc-32b71e3c608b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=8&rand=0.2161213164949356
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84dfad548b325ebf2104ef5c98e43ca23cc8b670338301dd75034d5471609b3e

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:46 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://mustsharenews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
452
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=474658&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2261d79766e7bedfb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%221816%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264729b9b358d624%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221825764864%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid1_autoads%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226536c904d25034e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221825764864%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid1_autoads%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2266241d46c09ff6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221825764864%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid1_autoads%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A180%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22683b1db4bed3bde%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827209782%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22699179c1d41aacf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827209782%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22705c9e8fedf55f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827209782%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22710337379da03e8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222091467994%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227216f2e892b6fe6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222091467994%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22735bd3d29c2c0ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222091467994%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22741ddf7ca1fcc05%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827210310%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_bottom_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227520ea4acdcd8fe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827210310%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_bottom_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2276d14a39d8fe224%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221827210310%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_bottom_300x250%2F%2F336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2277d3a02644005b6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2221780412646%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_right1_300x250%2F%2F320x100%2F%2F320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2278e287d1c0db9e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222403052392%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22791f0b7c5c5926e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222403052392%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228004efb7f2c6c95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222403052644%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22811cd3500e6f2ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222403052644%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228229158a6252c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222402894636%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2283987f675b734fb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474658%22%2C%22sid%22%3A%2222402894636%22%2C%22dfp_ad_unit_code%22%3A%22%2F21622890900%2C22537359798%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f9cda0e578b3f585ceae7e20152414eebfb9b665140382479f9f7d082e8bd9d

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.30], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://mustsharenews.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 29 Mar 2022 04:38:46 GMT
prebid
prebid.media.net/rtb/ 		1 KB
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f98203900631a678741dbe706f11050e1101a9239581b3edde285af6728ee9a

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
d68e3c1c-7db2-4504-9789-4ae9400d9ddb
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
cceea8ba-d5fc-43bb-a425-8bc926b5324c
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
30835e8c-4cd6-4e80-86ec-f5cf726abdaf
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
bd414f0c-2a66-461c-86c1-563dcbb47161
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
9663ff2d-75d0-41e4-b5c3-a0b18cde4ced
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
b0191564-a1b6-4788-9280-3938493c5b31
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
0f6ea80e-f23c-4858-bcf9-e61c22ba3bf2
prebid
prebid.ad.smaato.net/oapi/ 		0
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.19.104.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-104-156.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:38:45 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://mustsharenews.com
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
1832a3c1-3bb0-4ce2-88f1-d68ffb993d95
auction
tlx.3lift.com/header/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&tmax=2000
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ea728d33fb1fc2f8f694f341e6edc6ad0679e0509d3d702fa1abd11059ea4719
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
accept-ch
sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height,sec-ch-width,sec-ch-save-data
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1635
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:46 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
67442ed8-e94e-4ccf-8625-088f88bc6179
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mustsharenews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:46 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
46d847ad-f1d8-49a8-adb7-09a1627477af
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://mustsharenews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 21:56:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		129 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mustsharenews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e1c61f28734e85a36c41679e6ab0759d6c05f471f03c1a2ab29b542036f2b0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
expires
Tue, 29 Mar 2022 04:38:46 GMT
cookie.js
partner.googleadservices.com/gampad/ 		221 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mustsharenews.com&callback=_gfp_s_&client=ca-pub-9994647129360327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2643db9279e776408de903690d776978dd2c2fb82a1c0e6e9beb34cea3acd9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0D25 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&adk=1812271804&adf=3025194257&lmt=1648528726&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528725869&bpp=2&bdt=404&idt=259&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8764973342713&frm=20&pv=2&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065858%2C31065550%2C31062930&oid=2&pvsid=3574826518820115&pem=105&tmod=1219740895&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 29 Mar 2022 04:38:46 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Mar 2022 04:38:46 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=1822678452&_u=IEBAAEAAAAAAAC~&z=1958934398
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=1822678452&_u=IEBAAEAAAAAAAC~&z=1958934398
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=282676292&_u=YEDAAUABAAAAAC~&z=1173308466
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54789758-1&cid=987807505.1648528726&jid=282676292&_u=YEDAAUABAAAAAC~&z=1173308466
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame B2EC 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe25ea6af2dad0fc8ea30f81dee286b5985beb3bfba3af48a4990420ffbbc97e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4DsnQEp10WCbj7AmHCHVoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 29 Mar 2022 04:38:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-4DsnQEp10WCbj7AmHCHVoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22045
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=403902689943296&input_token&origin=1&redirect_uri=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d9362a71bbaee931e1dd2aefe8db602d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Qvq2e2L69VcvSjLutLMw0efIgAkYDsaFIz4QXFV4cELv5jSpTh2acpX0fYgwKMSTr0wgTkb72LYO2p0fMa4uIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Tue, 29 Mar 2022 04:38:46 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=725465344242272&ev=fb_page_view&dl=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&rl=&if=false&ts=1648528726197&sw=1600&sh=1200&at=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 29 Mar 2022 04:38:46 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=403902689943296&ev=fb_page_view&dl=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&rl=&if=false&ts=1648528726198&sw=1600&sh=1200&at=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 29 Mar 2022 04:38:46 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1346928215461600&ev=PageView&dl=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&rl=&if=false&ts=1648528726215&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648528726214.2059572830&it=1648528725920&coo=false&rqm=GET
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 29 Mar 2022 04:38:46 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ooxnfXx6ZFR4WWU2emxhQ2VaTHhWekhOWHVyMFNBL01HWjNQbDd2VUNVVEJFdXhSNEFJRi9RT20rQ2dVbE1VVnhpZXc2QjJubXJqejdXL2NPV2NHeGVLcFdzcjZobWp1TWViWXF5T3dhVGNRbFpoM0N5ZzREZTZ0SDB0WFdXaFBCS3FhOGx3M0pNQzFLMzVsc0QycEZNQVRtcGROeUcxbU1XRW5MSXhVNnI0aFo3VE1GWU5xck1TZEp5YXMzMUsrODZOeiswV0kwTUNLMWVKMjdJejZLSUQ1SDM4S3A1QmVLYnM1ME02WSs0T0VObG95RUplNlIveDJVOFNkajZhMnRnN09ifA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1199
date
Tue, 29 Mar 2022 04:38:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame B2EC 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 04:03:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:28:02 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame B2EC 		361 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145570
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 04:03:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:12:31 GMT
Omega-Swatch-Feedback.jpg
i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/Omega-Swatch-Feedback.jpg?resize=600%2C314&ssl=1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ca392c46c706c47f0950f668c927c6d55fd4342aad0768a8c796c9dce7ae711
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Mar 2022 11:03:57 GMT
server
nginx
etag
"935999d9597e583e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mustsharenews.com/wp-content/uploads/2022/03/Omega-Swatch-Feedback.jpg>; rel="canonical"
content-length
20174
expires
Wed, 27 Mar 2024 23:03:57 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B2EC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:40:09 GMT
x-content-type-options
nosniff
age
377917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 31 Mar 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2EC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options
nosniff
age
580841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2EC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
553138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B2EC 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 29 Mar 2022 04:38:46 GMT
/
www.facebook.com/login/ Frame 3DAB
Redirect Chain
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=403902689943296&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b8...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b89cfe23f824c%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D214%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d9362a71bbaee931e1dd2aefe8db602d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Z8fwrt40/x/o8ohcbuRVCtWxXP/Ly943bLzLumCeOH2Vab6GSllam/hXd0eqlN5U2Wgcyp55hjqpg9Do11Y9PQ==
date
Tue, 29 Mar 2022 04:38:46 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b89cfe23f824c%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D214%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v10.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
qBT/eFbivN68xQJaX+NWq/ePh1aYXLLqmBvCCh82A9WoMpWitHkdvKHbLEHhKp5wonBEszsTrZ0NqLK3ycQ8ZA==
content-length
0
date
Tue, 29 Mar 2022 04:38:46 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220324&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0311cb561c98f3f007799d1b1031febf9ad720ff2b750bc3d67b06f16e693e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10581
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid6_336x280%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=3&adks=3624312603&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726438&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=5441&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a20d446986dff7b1312a464a9717b65881211aad446d4ad1bcc4c0044909b3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13360
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid5_336x280%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=4&adks=4227454490&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726444&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=4944&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
231efb84a7d22946f1ab6a9b6da868dd6db754a53452ded803f6222eca24122a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13758
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid4_336x280%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=5&adks=3514762643&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726448&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=4610&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
fe5b82edf4409221825ffd8c85eb55844234713d72bc96894dd36a842a1e155a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_leaderboard_728x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90%7C970x90&ifi=6&adks=1573795440&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726450&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=436&adys=955&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d10d79994ff724ed3166b1c3d95970dbf2a9e804a0af768dbc971d011b153c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
google-lineitem-id
5460088530
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138321176240
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_pc_article_right2_sticky_300x600%2C160x600%2C120x600%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600&ifi=7&adks=2180384200&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726454&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=1010&adys=2454&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=324x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1d41e4f089994546bbba0aeaef99c55af939b923fdfa1715b1a81b57c5e7dd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
211995
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12822
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314490
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_right1_300x250%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=300x250&ifi=8&adks=244849635&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726457&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=1010&adys=1875&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=324x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=5&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
eb03b63f7cebd439c060cb565d2405c43cd94a185ef36f70e64891a13fc73ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13590
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_bottom_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=9&adks=3923764495&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26ats_hb_pb%3D0.15%26hb_adid%3D132288de8f4eb30e%26ats_hb_bidder%3Dtriplelift&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726459&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=5679&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=6&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
665db8da710870a5f2aba0043d079d1f89b9d7521939f19ff09871c21e6a4203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9017
x-xss-protection
0
google-lineitem-id
5854036467
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138375144556
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid3_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=10&adks=1037569062&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726461&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=3595&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=7&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6fc31c8520b164f7342ea7ac94546b949eb5b2cb1b1c3728b8e495d77e2bef40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13437
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid2_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280%7C640x360&ifi=11&adks=2765769448&sfv=1-0-38&ecs=20220329&fsapi=false&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726464&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=3127&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=8&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
dd7f1b6aab24a52fd2bd5fa9ea76a98dc355a7d85a1b9228eb2734b198aea8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13434
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3574826518820115&correlator=199156361032516&eid=31065402%2C31065550%2C31062930&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21622890900%3A22537359798%2CSG_mustsharenews.com_res_article_mid1_autoads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C320x180&ifi=12&adks=1654143143&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26ats_hb_pb%3D0.15%26hb_adid%3D131794a39de5019b%26ats_hb_bidder%3Dtriplelift&eri=1&cust_params=url%3D%252Fspf-arrest-scams%252F%26ref%3Dnull%26param%253AisentiaPostId%3Dpost-1&sc=1&cookie=ID%3D6b4267633041b275-220e7fd767cd0042%3AT%3D1648528726%3ART%3D1648528726%3AS%3DALNI_MaoCHUDx-c5fH0aUePf7Xfoy75_BQ&arp=1&abxe=1&dt=1648528726467&lmt=1648528726&dlt=1648528725465&idt=790&biw=1600&bih=1200&adxs=266&adys=1423&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=987807505.1648528726&ga_sid=1648528726&ga_hid=221674520&ga_fc=true&btvi=9&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d395e7816229e9d1fa1ab546e60a3c10dbb468140237d2ecc9f56c45d9db55ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8982
x-xss-protection
0
google-lineitem-id
5854036467
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374718054
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mustsharenews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2867 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com&bust=31065858
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:46 GMT
/
www.facebook.com/login/ Frame 866F
Redirect Chain
  • https://www.facebook.com/v2.9/plugins/page.php?adapt_container_width=true&app_id=403902689943296&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d0...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d0c943c44ff%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d9362a71bbaee931e1dd2aefe8db602d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
7ElsWysi/KybvJSzgSwBD3FcfPy8RJf7Aw3xutNNoKZNxwnF1BTwEvPqffzgm5jH+9okra8rTp+pU3ZKtDgBJQ==
date
Tue, 29 Mar 2022 04:38:46 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D403902689943296%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d0c943c44ff%2526domain%253Dmustsharenews.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fmustsharenews.com%25252Ff2759d8a11df398%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fmustsharenews%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%26width%3D265
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v10.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
XvOaSu92NennrpFKu3SszHHSX/YYQZeryf8bZgNJ1sj08cNn2TW90O3ky6BlLUVxANzsVCQTjJEMiY94g3SkHA==
content-length
0
date
Tue, 29 Mar 2022 04:38:46 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
ARREST.jpg
mustsharenews.com/wp-content/uploads/2022/03/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2022/03/ARREST.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55243e8ee850fcc3ba913136b7fd6fdb9b44ca42e473f5a6c5e47df0bb76f1cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=98452, status=webp_bigger
Connection
keep-alive
Content-Length
92678
Last-Modified
Mon, 28 Mar 2022 11:08:55 GMT
Server
cloudflare
ETag
"18094-5db45569be606"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rx7z7S3vojunZOoKrhKYeDRSADydKtknof2%2F5oGtI16XahiXx5VAjq8jX5OaSFrMByXQ%2BxozmhsKD9I8m4ndTNNMk9t%2FnBaHL%2FcWS%2FKRLdUm4NTOFQkmh4VZIQ9JmwKsOrt92Jwd%2BJIgHbZaaFk"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eafd1dcd8397-MXP
Cf-Bgj
imgq:85,h2pri
grabfood-cover-edited.jpg
i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/grabfood-cover-edited.jpg?resize=600%2C314&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d1a0487fea35c3fd612d68397ae5c95e4b93cf09945d4378b45644d6282eaa9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Mar 2022 08:16:45 GMT
server
nginx
etag
"969e1e902c88e590"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mustsharenews.com/wp-content/uploads/2022/03/grabfood-cover-edited.jpg>; rel="canonical"
content-length
27896
expires
Wed, 27 Mar 2024 20:16:45 GMT
Man-Queuing-For-Omega-Swatch-Tells-Police-To-Shoot-Him-People-Say-Its-Just-A-300-Watch.jpg
i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/Man-Queuing-For-Omega-Swatch-Tells-Police-To-Shoot-Him-People-Say-Its-Just-A-300-Watch.jpg?resize=600%2C314&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ec81b7c067d9329f867aaba45fbd6f41f71df292964bc54116bb6825195d93c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 27 Mar 2022 15:12:26 GMT
server
nginx
etag
"6381f24c3188effc"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mustsharenews.com/wp-content/uploads/2022/03/Man-Queuing-For-Omega-Swatch-Tells-Police-To-Shoot-Him-People-Say-Its-Just-A-300-Watch.jpg>; rel="canonical"
content-length
20734
expires
Wed, 27 Mar 2024 03:12:26 GMT
omega-swatch-carousell.jpg
i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/omega-swatch-carousell.jpg?resize=600%2C314&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fed32a82c107a9c4ba81d67f00e6010857397349d45f131d9aef7321e6ba5b72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 26 Mar 2022 13:36:11 GMT
server
nginx
etag
"4c5a3d7ef4e459d8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mustsharenews.com/wp-content/uploads/2022/03/omega-swatch-carousell.jpg>; rel="canonical"
content-length
25690
expires
Tue, 26 Mar 2024 01:36:11 GMT
Sporeans-Flock-To-Changi-Beach-To-Catch-Blue-Waves-Cause-Massive-Traffic-Jam.jpg
i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/mustsharenews.com/wp-content/uploads/2022/03/Sporeans-Flock-To-Changi-Beach-To-Catch-Blue-Waves-Cause-Massive-Traffic-Jam.jpg?resize=600%2C314&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
41145ced93f800ad1b0345872a1e51275073a3cd9bc607d4d940d05454d87ef6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Mar 2022 16:21:33 GMT
server
nginx
etag
"91d24d171873c596"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://mustsharenews.com/wp-content/uploads/2022/03/Sporeans-Flock-To-Changi-Beach-To-Catch-Blue-Waves-Cause-Massive-Traffic-Jam.jpg>; rel="canonical"
content-length
27962
expires
Thu, 28 Mar 2024 04:21:33 GMT
reload
www.google.com/recaptcha/api2/ Frame B2EC 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98984a492a58345f2c950df5aa59441aa7c6e3bac7f7e06b9b3e69badacd57a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ12kbAAAAAOc3xsOVeEOvsYVw2Z1KebJcXiG8&co=aHR0cHM6Ly9tdXN0c2hhcmVuZXdzLmNvbTo0NDM.&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&cb=f95x7822bis9
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18267
x-xss-protection
1; mode=block
expires
Tue, 29 Mar 2022 04:38:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C279 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 21:47:23 GMT
expires
Tue, 28 Mar 2023 21:47:23 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
24683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0F75 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20984c6e2cb9dd194165cc3dcc76df70588f5bc0a224f5a8eac3f3ec2160d76a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MdAqT3BsTT4/YiqtvNUewA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 29 Mar 2022 04:38:46 GMT
date
Tue, 29 Mar 2022 04:38:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-MdAqT3BsTT4/YiqtvNUewA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220324&jk=3574826518820115&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame C279 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B3A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame C279 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5WDHmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Economy-Areas-of-Growth-100x70.jpg
mustsharenews.com/wp-content/uploads/2022/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2022/03/Economy-Areas-of-Growth-100x70.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448cedfc3027af5a97cb35afd354c8aa47fa14b348e66228572aff751051ffdb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:46 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
756
Cf-Polished
qual=85, origFmt=jpeg, origSize=17516
Content-Disposition
inline; filename="Economy-Areas-of-Growth-100x70.webp"
Connection
keep-alive
Content-Length
2690
Last-Modified
Mon, 28 Mar 2022 07:23:02 GMT
Server
cloudflare
ETag
"446c-5db422ebe39c5"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrWhY1%2FsPJZHb7XbFBMRIY71TPht04%2B1ZXqK1AfrjDHOR%2Bv%2FcGl6qV5MqCegIaSxuwMFM1nYGzn7s9h6ojAMitJZbFFac%2Bgg%2FA5wKwIrb4pJpPt5wRIkJ5kENaRRSfshvhFTL43kMKUaCmfpv%2Fcq"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eafe2dec59d1-MXP
Cf-Bgj
imgq:85,h2pri
/
www.facebook.com/tr/ Frame EEE6 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://mustsharenews.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://mustsharenews.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Tue, 29 Mar 2022 04:38:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1B3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUb4SVo1CYqr9Ho7U3gPDgpbwDv7T969czs-92OoCwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMQCT9Ccua5sxTAO8PcoC66V5DSD8Kx0d6qAMCLn6S5ZrhMs1TcWeIvPMbgXJ4pZx39bdgvf_PXOIvdaQFJs7jAIETM_-pCsEkaMT1ZcLHIOv-krbbpBYPzdxEFkXnHjvusTh2_WZuWz_vBIu4bh-CzrN6pMJGcRsH_bdJeXNv9huJEMn5vMYhgWVYqZH4EIy3lWBnWPGvNNwEE0EbeO7Dg83ZTH8Dfje9HVy50ijqvFjnyrfQmNPVIzPiUFIdpK2-uI_SjQiUDGZagA0-pyCxVBm1wQHjI5YtNCtJ7MBXvq8jTbtR2FKNSKinsOorvws-jJuwuYomNrJ7l_Oh2OEMz9WuGzrfqjHIl1fum61fzyhd4yrIhWNcFzJFWR6P2JsbNSA109fXRg8zKOWjzxHe1Lhe4I8CgwkCojlRj4oeHE1HRGnR0M4AQBgAb_3tqthLOumfsBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4MDkyMDc3MzQ5MDYzNjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=-DVK_0HlBM4&uach_m=[UACH]&cid=CAQSOwCNIrLMaj8gVTWs7rMd7GUnBv_Kv1w11EsTYq_x_FsPBKQKQvLc2mQ3efOby0warDJXPiksXya8SHODGAE&tpd=AGWhJmsgKm7_ZBQWC1VH58uOBxvRb-yNC1RczegwzOrV9ut_azwr7wgTTKbOqQs2CunVwWfyBnh3qZeTDOfzCLKm2wVz4PBBblpCVo8xIrw85m5v_yUk2riV7y6dAmyRAELC6Rx-8oKMiQsN9zEpZzsKm22WpZ_dq3UxVV-iMbun5tYjGgCCJo81Uz_eYuUka8voF2gPDUZmhiG1uFq-edqX7SMwNgR52OyoCMCHdkHQGY3dZJOKcOrNA6eeL_pNf0JRggZIqvHn9OVa-2i3Mhf9gLDFFRZZwFHOgnqqUVQR315n9FFDGR6wIKXppl0h7aTBE6XfPkxtqU4AEwfb6D9QPtl8sy0QkBpLi6DtImqVTaQs8KeXbOQSV8zWr86z6TNA-QKModxIUDW49lKUF9A8y8O4MkSUHGi8ZSAvteaU4N47OlyRJA6V6_g69dnSBIFnfdohDq9E81uwC3yBi3Eo-DRgB2icg5k80mtnQbh8Ux8Avfg7gTmFSLGJOjHkXREQnRfqVd7gitr7a01oVUAgmh7gzMHcs2eyMADiCChtIkXSttTTG_q3hyj5vZffimaCLBjScQmyDOIXFGsoYPc3leluy2uBNAdEAXTUttAe_aodZat_0jL8MOVPw_U5Xy-bfmJOckof8FmnApmxsHYl-0FbiMkCFee5bdpZytl-spcv0ZeOqzPGf1uk1w8_TC2CevXjop7z2LTW91j9pCJTn_ixPg71FxNzhJLlKp8xVFoPzZ1OjsWAoIYNEo__dZb2q4K7nFx39pa3kkFloL01uncSkJkKI_nPZ7qUtC8J-1uxlflFpTXYNDdpjxiAgRWhDhdmUoX8XCLdBOL4ku73VrnzBlSvD33mXv5Z6xLMUKsvoWARRL1pxVJ6lqodrEN6Mg_RmK32Ke3TkXMCwg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
dcmads.js
www.googletagservices.com/dcm/ Frame 1B3A 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 1B3A 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=ca54faf9-6140-471e-b43f-78383c463a48&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d56&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1DDWz_Vj0t40p1hb5fKhyWCz2kPoZt3qpenmXRUAc7pM.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.570000&lon=7.440000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_mid5_336x280//300x250&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=6189842f6b3b9fe74a9507a13f83aea40a2f6266&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:45 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
v2
odr.mookie1.com/t/ Frame 1B3A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 1B3A
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26ti...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dweight_watchers_subscription_germany%2526tier_one%253Dt...
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648...
44 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528726
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bogCLrAsGIo1x%2F8d33A0hl8UFsVOfgXB1iLM5Zkr0O0DFdCZsjAXEDdvxHcnWzMPrDSxl2OEo7sf6bh9AIkqxgZTJ4WHdpgGxFIcrzjiC1MXVNCFd7y2RL6NufmEtET2g0xxvYENesWRnI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb03ffa854d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a58dd5cb-4ab1-47fe-bc97-1fafa06d2321
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528726
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
choices.truste.com/ Frame 1B3A 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19531
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
41WDq4ccBGd35faAgLFMsUtS_FE9_6Tyqn3EMhObLfNz8vCK091EpA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 1B3A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B3A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 1B3A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1B3A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame 1B3A 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;ord=hza8pg;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dca54faf9-6140-471e-b43f-78383c463a48%26ag%3Da...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 1B3A 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;ord=hza8pg;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dca54faf9-6140-471e-b43f-78383c463a48%26ag%3Da99jcch%26sfe%3D147a0d56%26sig%3DNR8-Kyc5obZROBSHDD6gRB0BQtY_Y0otKl3lfQXYu3A.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3D6189842f6b3b9fe74a9507a13f83aea40a2f6266%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=15;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
05a93afae8ef6f876d236971d06417d95d6c3d33b9d90c7778e7077e374ae35d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 1B3A 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame 1B3A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;ord=hza8pg;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dca54faf9-6140-471e-b43f-78383c463a48%26ag%3Da99jcch%26sfe%3D147a0d56%26sig%3DNR8-Kyc5obZROBSHDD6gRB0BQtY_Y0otKl3lfQXYu3A.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid5_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3D6189842f6b3b9fe74a9507a13f83aea40a2f6266%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=15;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1B3A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
usync.html
eus.rubiconproject.com/ Frame 339D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D266 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81902
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1B3A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81c8160b5d559bce449cdee1e6080a69244700eb6e4682d8905fdb738f97231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3E30 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
expires
Wed, 29 Mar 2023 04:38:47 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1B3A 		0
286 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9cilK-3c3DcR1NLssZykWOpb5knXYeajX9vYRArZoizdmO6O7l4q1LmQOSiFgYO5-OtQ6hxpNuiZXdgF9p2ia8rYNao9l_DiPfk5eYDIgp6iDvfKIDFWwi8fp4k2MDdtRiMGm-GHwMtaK3KR5R3YE-_Y&sig=Cg0ArKJSzP3PShifrGwrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=65&cisv=r20220324.63031&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DDF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220324&jk=3574826518820115&bg=!5eal5qLNAAbzJazn0yU7ACkAdvg8WrIhJyQWpCDbnzX4CvrGjFkCcly2kNTiC81KRESRtehMMNt64QIAAABxUgAAAANoAQeZAtzHWjjkDiAT5Tcxk4EipjkfLrWCsF4qJLKUB_pKH5cpTOhObVK0cIhqWBTnil9rsjx2VHQ9rAcBAlQYW65adm1Ot0qaPxwth6Cv6JZN8P5KO1AkVNuJtxe9AczRdff9uijWgEtSB2xqqoZtk9AoLNA4nvQdv45zyOZb_ZhR5m1cemNC3ZjOZbtRR_rmqzfMFPOM7rZ8dKWQ0bR7kK77qTZetuKztzwl7hxVxG1lYcxS5XHXZrxdfRR0zHi_0slvS2RdAo4LkBVilJVzXuCouquxJ-Zhohb3c3zsEDvdW4NzML7fC3gxEiMwaDJfgBDCrd81ZtmVuHogKbXAflxXB0KAUBA9R2gLFNAmEM_L5ExC67Ho_9agRJ5rJo19_sjr2vc3dCePKTHffvprHkONs53rgpzHxzQsA3qHiMdHwnkXgQ9fzzAFoKUIPRGwo8oPECXf7pUOMvaQhvA32vAtpCR9N9YK2t7oK1B6vBmV6tbPIfVO35vfqYVx15xS4O-X-mxFdgzCIB-vf9CpWcce38n4zSMs_denTUBjJZlsVWNIMO5iBNoP-KUk_1o8IHW-gCEFCqrAYt9uc_zYav2BZ_Xkq1qoBKhO_-m0Ereje8kmimxgcp85SDNJGoJhywKDKbqF7tOkqo7rR3neopVD74SBVRvl9rGqdNeYrYki5fTT2uBiCrrQPHQWbbVFQ5htHHHqq5VINVLIX5Xw9QrZ6pYyDhgcIuMQ46d9OrTXJVFEo5GkUFVAJLA6RHyGOl1RvpfBr4PsV4eztkLYMuMuhzynFOVkGixPISWqY4bxpEvmt51amVE7syyx6md29b40O7cTvOVcdAHcPEVnW_7FGaCVVqfpqRQvBdh8L6ENeNlzv7yNzrP5XZFUOigwcPn2TDqeB48NV2WissRC-NXwOGwKlUus1bDFFLAXoFIG1U_WEYb7EX9IscgLaBCF32xMfkiy-q0Sao6TpbvpCjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 72E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i.match
s.tribalfusion.com/z/ Frame D266
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCj...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f35eb03fd93cc56-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2430
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f35eb024caccc56-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELoLY4p6NphVoaTr2COX4vE&google_cver=1&google_push=AYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPK0y05YTxf_6qXihhSvcR0N7FFGyS0oioqfTyTNIa13cL3RTtTPZ91H2DWHeFUMUGSh17sUtg6RyK5ucSnhofwnCRzNcCjK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D266
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF4ydwxccetirzUfjrbUPS0&google_push=AYg5qPJ8OVCCpNmyZBTZd-qZjeYxz0Xf_wVwQtQp0S3HPKQbYLp9BvS6GB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF4ydwxccetirzUfjrbUPS0&google_push=AYg5qPJ8OVCCpNmyZBTZd-qZjeYxz0Xf_wVwQtQp0S3HPKQbYLp9BvS6GBNhrEkZnU_KUw5W09jpxyZOv8UEDIzrSeodlbjQ8EQ
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1648528727.405454,VS0,VE94
x-served-by
cache-hhn4047-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF4ydwxccetirzUfjrbUPS0&google_push=AYg5qPJ8OVCCpNmyZBTZd-qZjeYxz0Xf_wVwQtQp0S3HPKQbYLp9BvS6GBNhrEkZnU_KUw5W09jpxyZOv8UEDIzrSeodlbjQ8EQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D266
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELpsd6G-etGESlC8DbkbxO8&google_cver=1&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNACuQ8nFDwOVl8Q
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNACuQ8nFDwOVl8Q
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPInbM8uvyGsN3OlgR8rbbZaWe_xTx556fZAIvCYecVTaHv7ybwSMP-Z4GB9v_ffDS8havHMb4GcvNTjMNACuQ8nFDwOVl8Q
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 28 Mar 2022 04:38:47 GMT
dds
rtb.openx.net/sync/ Frame D266 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOqTs9LfA7c4sDgvHvNy4BM&google_cver=1&google_push=AYg5qPK_q-x6Ixdu36J5tzKwAMkxbVv-C5Upzv0lP832BsIb4R9GqmHGuK3uXkE1UwsFDy7qd1igBqrlB8-bhwgk0X2h5mzCfrle
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
uaf37gqd2g5i9nl5bhd5ami9r0l44rga
pixel
cm.g.doubleclick.net/ Frame D266
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJN6kp96oh2qmgFkTfixU96rIr3W8IBHVg-OVUDR77tlAmH2ITsi_GWD1tPBtcLXGd1v_7sadgQyTVcs2oSzaYkxZzGzlg
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJN6kp96oh2qmgFkTfixU96rIr3W8IBHVg-OVUDR77tlAmH2ITsi_GWD1tPBtcLXGd1v_7sadgQyTVcs2oSzaYkxZzGzlg
date
Tue, 29 Mar 2022 04:38:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D266
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJwdFwreukdk2RdmasKtYEQ&google_cver=1&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piWAKQJAJ8Vxky-MCuDb9A_dOPbn
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piWAKQJAJ8Vxky-MCuDb9A_dOPbn
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIj2X0cZKhXH6aBONHzvDXlp8u7AgdqN-1kGIUVDv9fiRZ8W7FLhkjgHIDqpOfFlDg5piWAKQJAJ8Vxky-MCuDb9A_dOPbn
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame D266
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLDgqAMatWdmUbDaPvox...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLDgqAMatWdmUbDaPvoxtj-7K15SnMbTr0C9faGK_2RTiSLcutFwcIlNM3KyP38NS1A9hjsNQJ4wNqdgBJNhzl0040D6GWI&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
date
Tue, 29 Mar 2022 04:38:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba0d876070d94139a078b5cfeed8774b003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame D266 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdlRVAunoS6muw02ecOj8wlrbxs6myTZtEMJPlluLsjv4oBNiZBrRfG1Or0cc9e3bN7k4H
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 5DDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ95TVo1CYpihKumRjuwP54WG0Ar-0_evXM7PvdjqAsCNtwEQASAAYJWioIKwB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgTEAk_Q7cmewYmccFLDcxXZzFDc56eUwMX1OF444Keel7qcgtwctLQKRpiHAkkXi5GcUIDwmq9bmWVZWq5TjR3ybvbTrZ9x5-AQhTeuZIAc1uq3AiU3FPejmgS6v_edCbyEodwsKtJaVR6sD6dYzt391dpF-sDj4qsciRIEfW-QsA2iLZx1rwjj44FifK6o5ORl-fk9kOeAiA2YEBu5OZoNO5JCPt8ZB2GMxNWN-GsOaX13-SuP6R8z6g3zKpPv4YQecJJ_MorwPvZUhmcdNgpzMQjd7QWIqLEFFUt5AdQUQWZJeR-zTacTgIo3lOIEtbVyHlFHpAAG8NqUBIVJ5TmGiBpUTvx5u5lL_VJwng56hifOiRdO48iJS5W65Ovyy0NyK3nJ4bUfT6Pp1fMyvBlEoco3-SmIZAdY4x43_N_rB8PrjDljmeAEAYAG_97arYSzrpn7AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yODA5MjA3NzM0OTA2MzY5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=lkn0bRI-Uys&uach_m=[UACH]&cid=CAQSOwCNIrLMWmJP_e5oEVZkjLZs5aNAqK1hq8BWUICrS4gEUg2S6c4UXKhqjZ6dtdnmuG9k98QC9oWk0oBsGAE&tpd=AGWhJmv7YHSka_3zjI4P9VWj_ShJr4tT-VqXApFtf1iV4Cv0t2_VgtMsvi1ob5s-0haOlvMpnwVyjHy_G1lEfcTMTo6qPaO0gprxODJGqzwJrDsQOI0-jJmEPpzl5Gy7d0wJlrT2ByonU9Sn93RNj1bgvOw4T61KXvCHvolyBUvvlNkB0jZmS8OfnPCKJZf0XP8e4vuFZcYQJb5tj1WbCObSF4wGmCdauXiFBAg4luPuHRSPe4SmHX-GSPbEFeeZt9wuM9sl6ktl7UHUamTUIH4m71uVlRI2-hZT4rJU94q39J-9txSieEmzrKitpYxuSNhoZKirZ4EOU3hMT8q0K4big2bR38oOGupUu-olq7EIJc8S159tBzCwVMH5pe-llyTTbjhFgCxsJCOHwJjJxS4-QVZgId0IVmKW-r0mMaS1KecgxZ1DAXbw5FMKj78L0rUZpMF3kKk5o_vGb3jXymF8CGBgtiOoGXxodkQYg7D2xM7hVvILn7evsf33PbuqTATGKowZCYoZRmFUXi16okj_DRy3oaEhXFlYj6mgM79qA4HoBNc819QHh1sFvN8jnDqhn_byGTCBqQbhqH9vflDK0VlUKiQZbyA4MbhQKGhmJ9urqk8I3SkCR0e2PGtSemfReDAPEdEg6GOAOqB75A4hm9IAz-5fUX4pG31o-edhBbSofEdFK5SnvvgnLAw0JmMRnlIazV_md9BV9ato6Sj5OL5Wpr6d4cn3RJwNbKtODUnWNTX7LSy6lVEq8G3FxxYzu-T5Hbp5Ndge5oZnknaQy3oOMZOWamUe6VYGkyWy2YUokCzV2pI4LEDyPgTRZmkOGLVBMT1uAZXu7aBXuyG1hdHGysf2Tvst7R_fvjrFK-dkMUfClBumF1OzIvZFT6lxg_jYnMy-XUY8zhKeGg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
v2
odr.mookie1.com/t/ Frame 5DDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 5DDF
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26ti...
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648...
44 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tWK4wf%2FsB%2Bga2UcRf705iRnw9CRo6QgQZnkTbaxjsB%2FVAxYuzVBGqJousp1RM0viLuYhCWq4DW3ecxOML0OlZAbbERqNkERjO3xbUiggNlozD83IdvTsHYybZW5cpddTS6ZMrDIRZwsB5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb03ffa754d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6d94c35-96d1-4eef-87ba-94688ff78c0c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5DDF 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 5DDF 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=9f3ba6a6-4056-4d51-a8bf-e9b376965c43&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d56&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1vvNNRzEJgfdUcAEl9-JYqQbEaMNNnqHPbJUEpa-PPSs.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.549999&lon=7.480000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_mid4_336x280//300x250&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=0d022dd9c278a36ba15bcd5172010b18eb773453&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame 5DDF 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19532
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
KwwAoWh7zgGqLsnpQ-onstLMXxlYSf8ecgAtzMTT7SGi0zKX2GUD2A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
moatad.js
z.moatads.com/thetradedeskv275874568748/ Frame 5DDF 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/thetradedeskv275874568748/moatad.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9a4e1114258ebc7c5d03787c93a4f65c74ab07805b33a2cd06064e9ac81144ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:09:45 GMT
server
AmazonS3
x-amz-request-id
C60AG20PTBJ1R1GR
etag
"7012cb4cc249ec57d9d7cc38f2f9483c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=7007
accept-ranges
bytes
content-length
113018
x-amz-id-2
2r8NjiWrukulzPJxSS/J10spiBtJ7vUQY9dBS3QwkRaSfKxf2dnJeQ0m30aV/jBQof4Rh4XyIGg=
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 5DDF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 5DDF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5DDF 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DDF 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
usync.js
eus.rubiconproject.com/ Frame 339D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14267
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B8A9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxuCBVo1CYp7WOpHU3gOtrJ-4Cf7T969czs-92OoCwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMQCT9CqVxknYHx_LwxQqxf1ymka5Vd949sSinQfpUWKuC-BJuJv5IxkP5COFkWonMkI9XUSAhrEeRC08dKxFJ8rMbeVvVVab34s7EbK5EoPyOVqVUNjFfoo_ew2MKFTieiA3FMWvNcnuel0Hyf5IZvju_Z60-Yn50zt_i2jNnyDXOtcvMN8O3-qHkU5pm9xLau30pmlfIMNFz7_51rkgqOJ507dik25E7Yvc8v08HYbVmykfN-KyHqMZyMotahQXVLg2iMgO5LnJr2XRJJBL0WK6WrFnb4Ubdut6ZPLwZ3_UGUKUFsgbzvkSdGclrj2FtviSEprPKQ8zQvjGLXa5-X5_PVcD8VY6EbmIp2B5CUS0aI4NiwyVneKDl7R6YwFIW_oR7QDnH9TRp4kjA14TvKP0FTw7EAblVhpdovXt7Ojkb9TkszA4AQBgAb_3tqthLOumfsBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4MDkyMDc3MzQ5MDYzNjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=TeJgJTISvAI&uach_m=[UACH]&cid=CAQSOwCNIrLMEcwuEinTv7qlD-2lEFzwaJWTvGPH8ZK01xYCEBwyl89EcYr7HDTj8L-QEy_HoY_0ntJxBmuiGAE&tpd=AGWhJmsB3Pe8DUGM2XHpGC4IFEKkbbfX63RwageihdT12sADFvGv7j8zh_7JTX6GhAhzh5qCbB16fU5NMMhxsNLqOwCVO8qvkgWJQT9l2HabqqamscKMK6foLY6UctvUtld8wz4cIEXm1hUmv4ubRWD6OF2Sbq4yRvX1S5JAiVEnD2BcdmbYzChaZAafhhgoavydbKKfQZ9ktKxzfGtG0GkfSdL7jwHLc0G1KgXN-IBrutDWjI4R4YbSQemqsJr0marL_ltPpFZ3lUZAeqBSGlmteKyW2eObo5XYI3uJY7w-PnDkgNHQgm7BQPfHHwzGvgfMrwrnOoXH_kl_ROR5HK6GSpE0cFrJ0GEfTTR3wcgUods9iL7O4XrN8U0mR_VV2_wj0QBC4Dad2FIU_loa2f3UYSjzA9YmEPfS5ze2ngoYwMRmpyQeg7hS292rFZIVoEhzkqbIZo2Xo-5NQ3NWHSG81crFE9jkhmuwtd8av5tMxmKxwp_K4T0gttvbBfLcZUsA-8q8qPa4BEDMWI2kWq6t7aHH7IZeKKxuarbEz_uj-JxnzEY7pDJQ5KR__x_HSy15x6sbrn0J08uIh6AJSZVinjboMUe7MPbMEQF3KUIkm2N3SE8TP8304RB2XEolgGRxz1SlXZ6r9jLCf2A5P8kqlPn0E1W5m9UAQN6Bf64CDiYZE8HSBu9A_lBSeqaGyoUNDUwN9zygfQkazzYULshCBJ_NaxL-eUe4jVepC6XWNtOXEWEpTg7HxVJDGlC4hDITgDIcltVKOwOzT4ctgsjziuTE_O15mKsCFhi6MZhfgN3cJI3diTFm66SyLAUYHJFhOQxf4hJi-RHkMAL0VspZOiLrK8LD0ABzRpSXe8CL5Gf07z2xqCLKf3xPMfEpM9AcxdCWtuJXDxnsf0NzMg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
v2
odr.mookie1.com/t/ Frame B8A9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame B8A9
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26ti...
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648...
44 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e0EVWtcJoXQYscumfPRTuLu8XZ3MawA1qAL9JDkeNF5uEQzz7SUwmZtJtRZbcTjzGsxIKLGOJTr%2B%2BTIrz3%2B5PWXH69zMaT55iKvJ50PDdL1863V72cdEeyVeT659wg%2Fpcbkl0Q96Qs%2BL88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb03ffa554d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c2af9ae0-21a9-44d7-ad09-fbb8d89bf402
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame B8A9 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame B8A9 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=bebfe6d3-1d36-41c6-b969-fc1d9d40ffff&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d57&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1R0sVJQrljMRS-7QIHRfsG-miMk8lEEkM8Q65y5-O1XY.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.570000&lon=7.440000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_mid3_300x250//336x280&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=1b2225618a556af644b3dabdbc1d85fd4c5bef86&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:46 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame B8A9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19532
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LFUbfT7ACPpCOwMGwdj-tcrOa3ukc5VcHsQyYzKAsldduuHaOdQ1ow==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame B8A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8A9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame B8A9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
l
www.google.com/ads/measurement/ Frame B8A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTu9bcBx6r_TCKAjosGcDiX2gDaJ9u3hvgX_znodl9N-QDWpkD-z-WjFDc2BV-aMncl7u8-of3raNSF5_8opBU4IPSJTQ
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B8A9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 72E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1V4IV41CYrHCCMTV3wOCxqroBv7T969czs-92OoCwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMQCT9Dt_VqFEo-DmoIEy_0vzbBf3o3N0Xr4XKxphsZoI11N8i3q84xnMqpeIDHeHOaw9wvEJpHQNZApd_ahd_MSn7kCZ6ENpjUMoAuSH2v4shxddj3DbPB9HKCuu6Aa33UC2SA_WGOMZLvTZeo7NynG1WOjliTHd29cShbESTJzE01euHGm0X3mQkY7k5eH_97lB3q3x_LYgzGEW9cy5iDim4A5iz9Eux6ujWBnnyAc3k6-VHeuv0BZDHLfmxpeuLAc7Rwdb5BjsdhIl_w7aIlf2_R5CBv-btE0ESf0zMef927Hc6zcjW_5KeViyuKdBQLnCsTItmgoiYhIKIcNXY_1BOZX4a6nl7qer-L4p991DOW7nbskS4tVtCX7ZfTNtl9979nJYoNeAv5ERekNrySMVjAMUEH95Qp_W1V3HN35h5TeJube4AQBgAb_3tqthLOumfsBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4MDkyMDc3MzQ5MDYzNjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=--jHBQvtm5A&uach_m=[UACH]&cid=CAQSOwCNIrLMjUz5GpGnRMaaKncbPKGMzLZ-cv-JjhhUu-h3Z-XdpKVDEztYJS6JyddU21icnGarIL4GLD2FGAE&tpd=AGWhJmtiPsmt5fXnVgnT4SIDPvU4DZMGpY3xc1rvZxTXtryT_jsXdZAsRSprAS6VNjoyLT6Xz7wyP1Gkd48j9WBrXJlsH4sZAg5nVVrmmLkj1Spp-z6pB9Pcc8J-FXwVnJ70oxmS5L1MpaAGeaHHsPhGjjgZrKE7eXhHVe3HCgGZlJV-4nSbQ1ge6GAAQS2uwuQ-_3O7258UzCzX1NgN5C-eioGSu4f8RdRi7UubVcsa3WaaMkZKohPW5GGfkF8f9JaPmKd6ivxF8G5wkzl75pJKaEsCqzFJ08jHimfTsOP4BUszT-HCaOzGO7R8CeSMNAi2l3QOFmlHxz3v41nORWuQzyfc5_EJspfJTuQlpHpU5XG8tzinkdckN5nZBorE2KJtDYMgv61stv3rDkVWH8Nf0cpVVLAxis8UwNRbovz5YTtpF_t3MADt6l9e1xAbzfreCrVy4YYFWroPZdndaDNEHErFlTxXIN7Q7Swx9HszcuJPgl36cdHFhjTqlPjGh1mn4S3P9YVpsW-Vvujhd1YOwIiV8Sxx8Y-nDVv_Ix0KGTdYqWy5NfgqipR7yM1qWaZjTcvXFyfgGiAPY6UY84ldr4L7Sa3J10ZH37OO8cUK4OnAl2AQGG8VxdIALu9EoBJbnksGmMXCdSt2A3dJ5DIh2EfKpIb8BuOIKMdHIsxR6NoqV6lkAX-db_EZmRQxZmNwLJ50lvhiOljT1Z4l_KDX62Dn-o9-vbg4qzsIbwLvEtNWsjBIOsUgrfFgs2vin2KYWx8LMxJ0P9c1iBUNUIsV6EFauGPSyznjIuL1gUS__8ytmdrjV09rIRddQLsO-t45aPdaDfWkvt0Adq8HXxQMCqbTSuKhri0Ky7bnHMdi7BXcuDhomGQKydgaB46l6fJLkmr57wIaxXcZilwFpw
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
v2
odr.mookie1.com/t/ Frame 72E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 72E8
Redirect Chain
  • https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dweight_watchers_subscription_germany%26tier_one%3Dttd-display%26tier_two%3D0a7a8j6%26ti...
  • https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648...
44 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z9BuKiUJV%2BLPU1VXkx2XaK3ys9MfTUw43kovB%2B9mdmp3vIvzcI%2FCnmVDvdP%2BgBaa3inVkKoltapSg4Nw3EsTWuxKHdr4RRtl8TdM18jg%2FSubdV3rKZ4BNd1%2B5LwcR2kpRo%2B1%2BbVPLdlZfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb040fab54d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
79ec991b-0f48-4949-a4cd-ad4c335d32c0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://metrics.getrockerbox.com/track/v4?uid=2467237507975114060&source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2&uid_ts=1648528727
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 72E8 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 72E8 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=59bc95eb-b91f-46db-9d78-96915e9e1e5e&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d57&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1oFw73qHVCFgzXnFP0Iwgg5l98_NQGJ4hi4STNOsbYNQ.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.570000&lon=7.440000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_mid6_336x280//300x250&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=c49349cf59ffba621d6af5ed54c1976c842c062a&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame 72E8 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19532
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Ar7_ETjxzhgV4FWkE0B9qnoGA5_ERFgEQEzYKWBtqgLf9XOG6qLmgg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 72E8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 72E8 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 72E8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
l
www.google.com/ads/measurement/ Frame 72E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCNo06WvJSYqklQf-vjRewvdyQriKg3TidG3R0h_quVW2C7xsD-uf3fQmuYuQS9nl-yehD6bYm-shL2FS7qmI7jw2qng
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 72E8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 5F10 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame 3E30 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame 5DDF 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
skudai-rr-final-100x70.jpg
mustsharenews.com/wp-content/uploads/2022/03/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2022/03/skudai-rr-final-100x70.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb6b4da6262188e5bf45853e853278c4d541f441989fb6e24705475df659e23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1732
Cf-Polished
degrade=85, origSize=16143, status=webp_bigger
Connection
keep-alive
Content-Length
3121
Last-Modified
Fri, 25 Mar 2022 06:46:03 GMT
Server
cloudflare
ETag
"3f0f-5db0550f4d6af"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqf0LscQwB6DESCeKHrrJyfi7s6SONmWRNkCALKQSZh4FdWl7si3tkfhlUcKe%2BufV5dwU8cro4Yf0iuOA6bwsTotuRBttodsp%2FifeyehvDULVmaBnvobtJRsTp85IEBIlesLUYSFfeS2IGI%2Ba%2FIV"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eb029b2e59d1-MXP
Cf-Bgj
imgq:85,h2pri
image8-1-100x70.jpg
mustsharenews.com/wp-content/uploads/2022/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mustsharenews.com/wp-content/uploads/2022/03/image8-1-100x70.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e5d4a0c56f2d100d4e4d5a8de61e5388ec801b5c914b8361b4a9ff8b9a8dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1732
Cf-Polished
qual=85, origFmt=jpeg, origSize=13913
Content-Disposition
inline; filename="image8-1-100x70.webp"
Connection
keep-alive
Content-Length
2378
Last-Modified
Tue, 22 Mar 2022 06:47:10 GMT
Server
cloudflare
ETag
"3659-5dac8fb787803"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MO6EC0YnpH434ay8cQCJ%2BOfhpkSqnTKjFSROhmeBrW84aEGqbRjphUPkxf3wF3xxW6rILPepxoKvCC0BP8Q52xZ9XtmJjzIT%2BBqShOmW7jqEQQHTo5h%2Fh7ezIM6gUyDwxZ%2BLXWvm6N%2BNKyFewGg"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6f35eb029ddb8397-MXP
Cf-Bgj
imgq:85,h2pri
impl_v85.js
www.googletagservices.com/dcm/ Frame B8A9 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame 72E8 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;rc=1;ord=u02zdd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D9f3ba6a6-4056-4d51-a8bf-e9b376965c43%26a...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 5DDF 		65 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;rc=1;ord=u02zdd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D9f3ba6a6-4056-4d51-a8bf-e9b376965c43%26ag%3Da99jcch%26sfe%3D147a0d56%26sig%3DIYTZBgCz9nvPHe03yMCSV1Fz9cD1amJM4P-zejX0IlA.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3D0d022dd9c278a36ba15bcd5172010b18eb773453%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=58;rcsrc=h;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
dc6d4eb355a1e1f25f698a0256f6a4635b89ecaaf26625af53aa56f03b6081b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B26791739.320447811;dc_ver=85.248;dc_eid=40004001;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1037519631;ord=6pdd8z;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbebfe6d3-1d36-41c6-b969-fc1d9...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame B8A9 		65 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;dc_eid=40004001;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1037519631;ord=6pdd8z;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbebfe6d3-1d36-41c6-b969-fc1d9d40ffff%26ag%3Da99jcch%26sfe%3D147a0d57%26sig%3DMNXn--Jz1c9iiK3uODZ4sY22UvLy2jWPWQNHvCmDMMk.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%26pcm%3D1%26ict%3DUnknown%26said%3D1b2225618a556af644b3dabdbc1d85fd4c5bef86%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=47;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
6c438a8869058234d2aede95340b03a8b61621628104c289776f59391fb97e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27025
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1974501068;ord=t8rkk1;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D59bc95eb-b91f-46db-9d78-96915e9e1e5e%26ag%3Da...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 72E8 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1974501068;ord=t8rkk1;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D59bc95eb-b91f-46db-9d78-96915e9e1e5e%26ag%3Da99jcch%26sfe%3D147a0d57%26sig%3D6gKfwQXwWubUaczNgpU0Q9t-ac9icR7ed39Yh4fYnq0.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3Dc49349cf59ffba621d6af5ed54c1976c842c062a%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=48;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
d84c0e03d446c926315d2fe2c4e4ddf9b71f77a93a7ccb1bf26a840d9dd4e975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27148
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 5F10 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
call
adnetwork.adasiaholdings.com/2060/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.74.174.177 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,save-data
Origin
https://mustsharenews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://mustsharenews.com
vary
Origin
view
googleads4.g.doubleclick.net/pcs/ Frame 1B3A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9cilK-3c3DcR1NLssZykWOpb5knXYeajX9vYRArZoizdmO6O7l4q1LmQOSiFgYO5-OtQ6hxpNuiZXdgF9p2ia8rYNao9l_DiPfk5eYDIgp6iDvfKIDFWwi8fp4k2MDdtRiMGm-GHwMtaK3KR5R3YE-_Y&sig=Cg0ArKJSzP3PShifrGwrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=647&vt=11&dtpt=579&dett=3&cstd=65&cisv=r20220324.63031&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 5DDF 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame 5DDF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1094544923;rc=1;ord=u02zdd;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D9f3ba6a6-4056-4d51-a8bf-e9b376965c43%26ag%3Da99jcch%26sfe%3D147a0d56%26sig%3DIYTZBgCz9nvPHe03yMCSV1Fz9cD1amJM4P-zejX0IlA.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid4_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3D0d022dd9c278a36ba15bcd5172010b18eb773453%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=58;rcsrc=h;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
913
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5DDF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
n.js
geo.moatads.com/ Frame 5DDF 		110 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24X%24H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-150pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-NQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fmustsharenews.com&lp=https%3A%2F%2Fmustsharenews.com&t=1648528727578&de=666547277844&m=0&ar=9f397fe3151-clean&iw=275f53f&q=2&cb=0&ym=0&cu=1648528727578&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=vko50on%3Akywm6zw%3A0a7a8j6%3Aa99jcch&zMoatJS=-&zMoatCachebuster=807386&zMoatCreative=1e7nlzp2&zMoatDealID=-&zMoatDomain=mustsharenews.com&zMoatImpressionId=9f3ba6a6-4056-4d51-a8bf-e9b376965c43&zMoatPartnerID=vko50on&zMoatSite=mustsharenews.com&zMoatSubdomain=mustsharenews.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD05ZjNiYTZhNi00MDU2LTRkNTEtYThiZi1lOWIzNzY5NjVjNDMmY3JpZD0xZTdubHpwMiZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE0N2EwZDU2JnB1aWQ9JnBpZD12a281MG9uJmFnPWE5OWpjY2gmYWR2PWt5d202encmYnA9MC4xMTcxNDAyMzMzNzk5MzkwNzk4MyZjZj0zMTc2MjgxJmZxPTAmdGRfcz1tdXN0c2hhcmVuZXdzLmNvbSZyY2F0cz0mbWNhdD0mbXN0ZT0mbWZsZD0zJm1zc2k9Jm1mc2k9JnVob3c9NTQmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1lbiZtbGFuZz0mc3ZwaWQ9MjE0NjgmZGlkPSZyY3h0PU90aGVyJmxhdD01MS41NDk5OTkmbG9uPTcuNDgwMDAwJnRtcGM9JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2RIWlhKdFlXNTVHZ0E0QVZBSGdBRUFpQUVCa0FFQiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTUtPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrZ0tJV05vWVhKblpTMWhiR3hOYjJGMFZtbGxkMkZpYVd4cGRIbFVjbUZqYTJsdVp5SWpDS1hfX19fX19fX19fd0VTRG0xdllYUXRjbVZ3YjNKMGFXNW5LZ1lJb0kwR0dBdy4mY3JyZWxyPSZpcGw9LzIxNjIyODkwOTAwL1NHX211c3RzaGFyZW5ld3MuY29tX3Jlc19hcnRpY2xlX21pZDRfMzM2eDI4MC8vMzAweDI1MCZwY209MSZncmRjPUNBRVlBU0FCS0FGQUFVZ0MmdmM9MyZjeD0tNTE3ODg4MzYxNDUyNjI0NTMwMiZzYWlkPTBkMDIyZGQ5YzI3OGEzNmJhMTViY2Q1MTcyMDEwYjE4ZWI3NzM0NTMmaWN0PVVua25vd24mYXVjdD0xJmN4bHZzPTAmaW09MSZtYz1lYzhiYTRmYy0wNTJjLTQ3ZmYtODZmZi0wZDdkZjc3ODdlNmYmdGFpbD0xJnN2PXJ1Ymljb24mdGFpbD0x&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=21468&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2F&id=0&ii=3&bd=mustsharenews.com&zMoatOrigSlicer1=mustsharenews.com&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=197724&na=946409525&cs=0&ord=1648528727578&jv=1861855758&callback=DOMlessLLDcallback_50601386
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.215.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
5648794ce3e2f5b2c5f1bfc4ec4a80aaa4784e4183765c68587b0f3ac0800808

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"059dfbd6712194a28341f01090dc9d8436e7530d"
content-length
110
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 5DDF 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fmustsharenews.com&lp=https%3A%2F%2Fmustsharenews.com&t=1648528727578&de=666547277844&m=0&ar=9f397fe3151-clean&iw=275f53f&q=3&cb=0&ym=0&cu=1648528727578&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=vko50on%3Akywm6zw%3A0a7a8j6%3Aa99jcch&zMoatJS=-&zMoatCachebuster=807386&zMoatCreative=1e7nlzp2&zMoatDealID=-&zMoatDomain=mustsharenews.com&zMoatImpressionId=9f3ba6a6-4056-4d51-a8bf-e9b376965c43&zMoatPartnerID=vko50on&zMoatSite=mustsharenews.com&zMoatSubdomain=mustsharenews.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD05ZjNiYTZhNi00MDU2LTRkNTEtYThiZi1lOWIzNzY5NjVjNDMmY3JpZD0xZTdubHpwMiZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE0N2EwZDU2JnB1aWQ9JnBpZD12a281MG9uJmFnPWE5OWpjY2gmYWR2PWt5d202encmYnA9MC4xMTcxNDAyMzMzNzk5MzkwNzk4MyZjZj0zMTc2MjgxJmZxPTAmdGRfcz1tdXN0c2hhcmVuZXdzLmNvbSZyY2F0cz0mbWNhdD0mbXN0ZT0mbWZsZD0zJm1zc2k9Jm1mc2k9JnVob3c9NTQmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1lbiZtbGFuZz0mc3ZwaWQ9MjE0NjgmZGlkPSZyY3h0PU90aGVyJmxhdD01MS41NDk5OTkmbG9uPTcuNDgwMDAwJnRtcGM9JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2RIWlhKdFlXNTVHZ0E0QVZBSGdBRUFpQUVCa0FFQiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTUtPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrZ0tJV05vWVhKblpTMWhiR3hOYjJGMFZtbGxkMkZpYVd4cGRIbFVjbUZqYTJsdVp5SWpDS1hfX19fX19fX19fd0VTRG0xdllYUXRjbVZ3YjNKMGFXNW5LZ1lJb0kwR0dBdy4mY3JyZWxyPSZpcGw9LzIxNjIyODkwOTAwL1NHX211c3RzaGFyZW5ld3MuY29tX3Jlc19hcnRpY2xlX21pZDRfMzM2eDI4MC8vMzAweDI1MCZwY209MSZncmRjPUNBRVlBU0FCS0FGQUFVZ0MmdmM9MyZjeD0tNTE3ODg4MzYxNDUyNjI0NTMwMiZzYWlkPTBkMDIyZGQ5YzI3OGEzNmJhMTViY2Q1MTcyMDEwYjE4ZWI3NzM0NTMmaWN0PVVua25vd24mYXVjdD0xJmN4bHZzPTAmaW09MSZtYz1lYzhiYTRmYy0wNTJjLTQ3ZmYtODZmZi0wZDdkZjc3ODdlNmYmdGFpbD0xJnN2PXJ1Ymljb24mdGFpbD0x&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=21468&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2F&id=0&ii=3&bd=mustsharenews.com&zMoatOrigSlicer1=mustsharenews.com&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=197724&na=575143053&cs=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:47 GMT
usync.html
eus.rubiconproject.com/ Frame 6D76 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 672F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81903
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame B8A9 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame B8A9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;dc_eid=40004001;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1037519631;ord=6pdd8z;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbebfe6d3-1d36-41c6-b969-fc1d9d40ffff%26ag%3Da99jcch%26sfe%3D147a0d57%26sig%3DMNXn--Jz1c9iiK3uODZ4sY22UvLy2jWPWQNHvCmDMMk.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid3_300x250%2F%2F336x280%26pcm%3D1%26ict%3DUnknown%26said%3D1b2225618a556af644b3dabdbc1d85fd4c5bef86%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=47;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
913
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B8A9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
truncated
/ Frame 5DDF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d4a703bde8f0c4cd98017b707d1e36105a265d24e752739251b5d6541324b7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
709414.gif
id.rlcdn.com/ Frame 339D 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
6eBlBwbomjsgMRMKkiGtXsn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 339D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQE...
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6eBlBwbomjsgMRMKkiGtXsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAI...
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/6eBlBwbomjsgMRMKkiGtXsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2a05:d018:d29:3601:d472:fadb:5355:a85e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

Location
https://pr-bh.ybp.yahoo.com/sync/rubicon/6eBlBwbomjsgMRMKkiGtXsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 339D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyNDAwODU0NmNmNjkxNmU1YmU5NDRmZjY3NmFlODI4NjdlY2YwNw&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyNDAwODU0NmNmNjkxNmU1YmU5NDRmZjY3NmFlODI4NjdlY2YwNw&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDcyNDAwODU0NmNmNjkxNmU1YmU5NDRmZjY3NmFlODI4NjdlY2YwNw&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 339D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1BNFU07-1S-6BRL&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIA...
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1BNFU07-1S-6BRL&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BFD3C744CCD840A3BA39A5BD1CB6F995 Ref B: FRAEDGE1419 Ref C: 2022-03-29T04:38:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbVAE670LL5eUOjapagQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1BNFU07-1S-6BRL&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 339D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAA...
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggA...
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESELnJb0310qYWUsjAwc2iJ_E&google_cver=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&put=CAESELnJb0310qYWUsjAwc2iJ_E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
511
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 339D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1BNFU07-1S-6BRL&sigv=1&esig=2~54e3950fe6f9d6787f603747403b5212840a58ca&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQC...
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1BNFU07-1S-6BRL&sigv=1&esig=2~54e3950fe6f9d6787f603747403b5212840a58ca&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1BNFU07-1S-6BRL&sigv=1&esig=2~54e3950fe6f9d6787f603747403b5212840a58ca&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 339D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAA...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAA...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0N8FXRN8C9Y5MMRFV6P9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WBKXS3RVE1J6292147F2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 339D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABAR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame 873D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 46AA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81903
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 72E8 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame 72E8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=1974501068;ord=t8rkk1;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D59bc95eb-b91f-46db-9d78-96915e9e1e5e%26ag%3Da99jcch%26sfe%3D147a0d57%26sig%3D6gKfwQXwWubUaczNgpU0Q9t-ac9icR7ed39Yh4fYnq0.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid6_336x280%2F%2F300x250%26pcm%3D1%26ict%3DUnknown%26said%3Dc49349cf59ffba621d6af5ed54c1976c842c062a%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=48;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
913
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 72E8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
truncated
/ Frame B8A9 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cac510e3034de611e3984c257e921899a889dec8f4dab7d19a1e52d1b076f6ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 6D76 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVcPWmYVc__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14267
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3014 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6kxLqCiHlsMv9PbhoBRMqZ-oqpvW_49Z5J2FPQSXfSygbtTZIwvBpeLgSskkxXZhF-eIZxz7QpPDufTjiMcs72lzmRQUtHhZaFSpPjgzPiwMtm9n_-_bxEfaybYpOlYj3YFheLDDJd13RRETdmHRTObwMmzTnYHsGiEawBaEllxdKLTp6Qv3X5DYZzswc9z11E6Bsav51cmT7meI36o0CzdC3EZsIpldRZ4w_yREN6I84K5MflEr9Thdq1-4-YD0VJcC6kFYFaUrMv-6gKryYVSVzCQxZKKDbnGpB9FGWXBG2u5xpHk6B3A9V6FZaBbjb6OwGFRS-SnFBkbh4jmV3t2VbQSkpAhMTYyq3IW-MW21Zi7c0WlXPOCj5yQ&sig=Cg0ArKJSzM9vai-1PfWkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
uct.js
anymind360.com/js/prebid_creative/ Frame 3014 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/prebid_creative/uct.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
age
8129
x-guploader-uploadid
ADPycdvY4zGNGS_RxbkaO61OZkbJmigTdLH1tSe7xSccrdSoG-FZmoAXED6OQtSSK3GkMaK3bCZ3NjKMAzWUqJxifQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
8280
x-served-by
cache-tyo11925-TYO, cache-mxp6952-MXP
access-control-allow-origin
*
expires
Wed, 16 Mar 2022 02:23:15 GMT
last-modified
Fri, 10 Dec 2021 08:36:59 GMT
server
UploadServer
x-timer
S1648528728.766535,VS0,VE0
etag
"32935b1d2878254c40c430821f9ad672"
vary
Accept-Encoding
x-goog-hash
crc32c=MQ+Z5Q==, md5=MpNbHSh4JUxAxDCCH5rWcg==
content-language
en
via
1.1 varnish, 1.1 varnish
x-goog-generation
1639125419758288
access-control-expose-headers
Content-Type
cache-control
max-age=86400
x-goog-stored-content-length
8280
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
383, 5
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3014 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
usync.html
eus.rubiconproject.com/ Frame AD7E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BE19 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81903
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C4A2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DDF 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
expires
Wed, 29 Mar 2023 04:38:47 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5DDF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaXBR6bflAuYTjitbDplaI9mXLwsFLVu389BB6297ssBjy9rbycCgQTK2M1k8ZcO9DIIMSPIsWVsqnUOKIgihhMUeRClM45iVYCD1jCo1DBWrEy-_TUVRuLm3C4faZOHNXGp6RfZsUaKt2BVh3HagXlks&sig=Cg0ArKJSzJTiLHZbUax6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=241&cisv=r20220324.13822&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 72E8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cd233467a75888451664a287c08f90ad1b663abd46a53455b24f0995c566264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 873D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14267
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8A9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
expires
Wed, 29 Mar 2023 04:38:47 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame B8A9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEcxDl-Lur7MxChvfSTXAg9CjtTNAJIp4rOvJ4Znh59FZrtKElB6K8XQ3tiyS-Ju4MVJRVmpbtDsv2lZtvatl_q1roEnLX5lmvo18oCaF4vYu_gd96SO6MeCxjiSGEhj5DKycE8xlLyT9G2BLJ9GnUfH4&sig=Cg0ArKJSzPi2fRhABErvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=207&cbvp=1&cstd=203&cisv=r20220324.48911&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 672F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJVAianchvblFjM0fwq393A&google_cver=1&google_push=AYg5qPKWxUjNV8GlGrivOMDAWERyY4ulwjuGEkhETbCLKI08rAxpCUJGvGjGeZwpx25oKDwG3uvZ6LuoIn-R785jdk-T9jm2m7iG
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMWR0E-0Octx8xCaryiO4G4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMWR0E-0Octx8xCaryiO4G4&google_cver=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMWR0E-0Octx8xCaryiO4G4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 672F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ1eMw5jltpeKcdjtpbtxJs&google_cver=1&google_push=AYg5qPJgs44JWG7aeqarjYTcrWPwr3nvj60cyt9nR8Oq1IswfwRbYOOR1R2w87ig5EFHlozoKdOFELpENmVBFuAlxxeeB9QboJk
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 672F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAnU6rLVTTZQKNRpoddjK4g&google_cver=1&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdx...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdxecFTxz_E10Zi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdxecFTxz_E10Zi
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL8hNAg-l62-F30yG-3brVjJYaorbQ9AoWb7rLOh5ENjWj0pkBaMQU-c5vLlOf8WlD9p6jncCiAGyM2MMdxecFTxz_E10Zi
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Mar 2022 04:38:46 GMT
pixel
cm.g.doubleclick.net/ Frame 672F
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEDSFpqQhBhJjdJmHqvMw94E&google_cver=1&google_push=AYg5qPLa3CUa8xc9-pJgERlQ0eusCo-gxKvc2OPA757BG3T-8-tqO-l2m8dcqZTkFCkUEvC8NBg...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEDSFpqQhBhJjdJmHqvMw94E&google_cver=1&google_push=AYg5qPLa3CUa8xc9-pJgERlQ0eusCo-gxKvc2OPA757BG3T-8-tqO-l2m8dcqZTkFCkUEvC8NBg...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=3PidZZRXQjWJLcwmgcKVvA&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=3PidZZRXQjWJLcwmgcKVvA&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=3PidZZRXQjWJLcwmgcKVvA&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 672F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDtGTvhtOtsPmYWFtOpGyto&google_cver=1&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9D...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDtGTvhtOtsPmYWFtOpGyto&google_cver=1&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkU...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433822998846891&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E&google_hm=MdALljQiSMW3j-2lrs3c9A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E&google_hm=MdALljQiSMW3j-2lrs3c9A==
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIAUVHMnNvzHYpU9hgsyeyne-dD6uCv0KucyGcwxvcr5t85uDHWHDFQRPNUfg58GkNSAiMEWpxKZe1MkUTS3w9DpaHabN5E&google_hm=MdALljQiSMW3j-2lrs3c9A==
Date
Tue, 29 Mar 2022 04:38:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 672F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHwgZYsqBwwBf5WWP9FjdaQ&google_cver=1&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcn...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHwgZYsqBwwBf5WWP9FjdaQ&google_cver=1&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcnhix-xcDp2ubDVAw6mG0j
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIHH2lf9tetTU4hfwf5PapuU6VuINrKiDlhSPhc6DFOelkns4OhPNnP33B4nXYjGAMBGrY-Mqcnhix-xcDp2ubDVAw6mG0j
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 672F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 672F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzkGtCeiTlXxCqgDsqqKSce6akBh-vcw3MT9fsSh6BvyHP--waE-_JTzcdJ0TxMwax_N0f
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5F10 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b23fc5e72718d0c0530cbd5615086f14faa50add43fbb1039a9fe742ce62abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5596
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 72E8 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
expires
Wed, 29 Mar 2023 04:38:47 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 72E8 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVzGeZUpi9Y2J8r7CX4meaREGPY4rvbo1HnXiLvLSW_b4lLHyDbKlMzJdAmU1l65HGgO0zGBFEaZ8_V3f7oNpAmYLUftWJeX25Tc60-XiSaGadeaC9Yd789U6yWHGCEFxTVYjui0VgxR4wXlvE0LYtP48&sig=Cg0ArKJSzNNGWOziYVC_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=172&cisv=r20220324.47881&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ttj
ib.3lift.com/ Frame 3014 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=SG_mustsharenews_res_article_bottom_
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
/
Resource Hash
d9756487f8cbdc94ffb89ad58d7655f26601912691b0e8723c51182ed57af5e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:26:07 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
age
760
etag
"26e27e18c3f3892a0dd0deaa27e4e3ab2ecd7bce"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
content-encoding
gzip
content-length
2021
x-amz-cf-id
hcQmMH3_J2bYMdkSEOEBccSCiJy8YzCBKVpFAfslLlbafHFsKfhZOw==
notify
tlx.3lift.com/header/ Frame 3014 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.151&ts=1648528726&aid=4948238301475243652223&ec=3690_62334_10406292&n=GgDyAtUBCAASFjQ5NDgyMzgzMDE0NzUyNDM2NTIyMjMYACABKOocMP7mA0ABSABQAGAKaABwo4ADkAEAmAEAqAEAsAHGAbgBBcABlwHIAcYB4AEP8AEA%2BAHGAYAClwGIAg%2BRAgAAAAAAAPA%2FmQK4HoXrUbjOP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BALhOIAD0AKIA5gCkAMAmAMAoAMAuAOx%2FRLAAwDIAwDSAwgxMDQwNjI5MuAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwA8YB%2BAIMiAMAkgMEMzk5NZgDAKAD2dMHqAMA
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 3014 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=4948238301475243652223
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame AD7E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVmPWmYVm__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14267
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
dpixel
cms.quantserve.com/ Frame 46AA 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEneqJ_QWD9_piX8owGYhHI&google_cver=1&google_push=AYg5qPII9_wyT1CLYfo2PoSaRewKlJ1JqjHHSceR_SJwcOhvsy8QumNaeHJWYB5Gmrqv_ePEJwRgHgFRBMUn9vLJnnrfg0qJ5l0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFj0VYhCP3sNJspocThONa8&google_cver=1&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnEAKT9D3zVUIMI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnEAKT9D3zVUIMI
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIlHeNY2UOuwdtGq3W3sDI2Iq7RZZLBbTkuEa9xKkFgKVpNedYaOKJho2K38fErvazhIBOTYIshewwELnEAKT9D3zVUIMI
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 28 Mar 2022 04:38:47 GMT
google
match.adsrvr.org/track/cmf/ Frame 46AA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI8mGTLk9cp0q1iuLxX4c1Y&google_cver=1&google_push=AYg5qPLNWNwzI8453WXA-rTKfHXtQjGKOdQlnWsk6wKDnGZi8fa4sTsGustgsxqaGDiOg4VGFKD6ddljmuH7B_E6GWJLsJSejl4
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGJ6ypm91Xtp86Tbmaptu0M&google_cver=1&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A2eB1r6Xt2fTl8EA&google_hm=4XE5EogaSuuqTBX5WOklSh4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A2eB1r6Xt2fTl8EA&google_hm=4XE5EogaSuuqTBX5WOklSh4
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK6yy1JqNWb3qnERcaZbD-Bg-3HpmYAbiHPYRDYxfzDOwVlFyfLbNH__dBkItem27RW0lYr7_YU6-A2eB1r6Xt2fTl8EA&google_hm=4XE5EogaSuuqTBX5WOklSh4
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENEj_OA4Z6kd3-OnHP8pZvI&google_cver=1&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04u...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04urbTw&google_hm=NDA2Mzg2OTA1OTMyOTEzMTg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04urbTw&google_hm=NDA2Mzg2OTA1OTMyOTEzMTgzMA%3D%3D
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKYfuGoxw8IFA5S-rNC6MKzeKqvxJzUvxSSrUCR6UHytWbu8zYu4_sh7pdEE8L9lqOmhPAW-vBuYu7__mZo6KA-04urbTw&google_hm=NDA2Mzg2OTA1OTMyOTEzMTgzMA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 46AA 		43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHsi5uQLAw36JbzyA0MNsng&google_cver=1&google_push=AYg5qPLj_uhUCXiL-nqPWsWonh-meqNvdTMdJ0GBk7DbLcrhY2ulkwA5Kk-Pgh6QAJio75FYjyhKiR9JVePACPX-pesUmt1GzLc
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Mar 2022 04:38:47 GMT
pixel
cm.g.doubleclick.net/ Frame 46AA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKXaeQOTEpa6l82s9n3n...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKXaeQOTEpa6l82s9n3nGUAYdb9E8Ws45DuuKqj2BXF9M-WcPOPGNNYhnAhB-7VXjF4r4tjTpF_z9NxZ3diOg_l11Kjgg0&google_hm=A7oNh2Bw2UE5oHi1z-7Yd0s
date
Tue, 29 Mar 2022 04:38:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba0d876070d94139a078b5cfeed8774b003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 46AA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ6hNHwVlMJOBPePiyk7M50crSFRnOFyO1ogSPZk5KiqqT111pl8Rx2T2m-h7tEp64G8a3
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C1B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4DC8 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5F10 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:47 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5AC6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame DBFF 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		1 KB
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509061
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
pixel
cm.g.doubleclick.net/ Frame BE19
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG9ui6ySMAmscnOrB6kfxQE&google_cver=1&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_e...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_eWrJTZ5h98W9g22hHsQRUGfDPx7DdlUOMMVwClfopw_&google_hm=-6UqicMVkVDp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_eWrJTZ5h98W9g22hHsQRUGfDPx7DdlUOMMVwClfopw_&google_hm=-6UqicMVkVDpwlMDUbfNYg
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLRfJmMmV5Pib9MxARdoZf_MPJE4q79hQxsGjjZso3qZEkFrkr-_eWrJTZ5h98W9g22hHsQRUGfDPx7DdlUOMMVwClfopw_&google_hm=-6UqicMVkVDpwlMDUbfNYg
pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE19
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHrDZX-_Di4jaGDkCEfWShQ&google_cver=1&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwqE-daXmpiERCQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwqE-daXmpiERCQ
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPLrq7m-YqwMMQG4YOX_7EMZNHZDXHyFWlIwYp5HssOeJVnlv1jfvc6ES-AMwAR1uGCTaUDTftl2TbLCVwqE-daXmpiERCQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 28 Mar 2022 04:38:47 GMT
pixel
cm.g.doubleclick.net/ Frame BE19
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJoo5lxm9eXZV4Qe-CJcqZQ&google_cver=1&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzxp7...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzxp7K9KTtV98TW6w3Bk-svz6
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPI0PEz0BcQXKCcHCQ2tZxGYZZJ4qQf0S88TT7XFFi11HixusR3TGtphyYXZmlmq2PHtmvxjzxp7K9KTtV98TW6w3Bk-svz6
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame BE19 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJXzur61n0lP_IM7nnPPo5A&google_cver=1&google_push=AYg5qPKj22QrH1_sCXwotHoocnsUWrKRPELEW_p8rHnxsvq7DC8g9B44n-z7cVYrV7T59-zv9OR0d1lWMBbh71pdXTztjy-sbDN2
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
vsdb4bjul65ktmch69ggkosne9setjmo
pixel
cm.g.doubleclick.net/ Frame BE19
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_Q...
0
0
pixel
cm.g.doubleclick.net/ Frame BE19
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMCSKS1sTVfekBz3GD5GXrs&google_cver=1&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagr...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMCSKS1sTVfekBz3GD5GXrs&google_cver=1&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagr...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew&google_hm=8754594ed3efe6a5056aec7f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew&google_hm=8754594ed3efe6a5056aec7f
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLXQRr4Je1XLFccIExTb2cV3td8htwjByeqn9YljIUR7prCNwyfNIW5_4QfBnzik_F_ephyJr0mql0DaOagrocMiUqepew&google_hm=8754594ed3efe6a5056aec7f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ssbsync.smartadserver.com/api/ Frame BE19 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEY40OqhyMebYM-kgxA90jI&google_cver=1&google_push=AYg5qPJtnzF1FlhvbGyBVPPS-grmtZb3fdSHFFMRrQDUtwepp7n50TLEnVh7MNl5onIIuZQt-h4iCvh_hmOobbmlQx4sx51_ukFj
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BE19 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JL7DvbaTDm0TZszE-UTuB0vPAFEqmOw2JidT3JJWLziE5snK3QD3KeJbmNBDH1rSP07jUK
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513723
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		157 B
154 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		400 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566121
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7126 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357225
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		1 KB
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509062
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314886
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 5F10 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220203021506908_WW_0222_Prospecting_Program2.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 5F10 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220203021506908_WW_0222_Prospecting_Program2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c00d3a9de81abc6d454395f4b79c38014e46064f5bf6fccf495d9b385510cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=obmle335Yx&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 01:30:28 GMT
x-content-type-options
nosniff
age
11300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12456
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 10:15:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Mar 2022 01:30:28 GMT
rid
match.adsrvr.org/track/ 		108 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
948fac7b2c2f4db785fa7da56552f17d94677e7e2eadc004f30fa79935c8df74

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mustsharenews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 28 Apr 2022 04:38:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E30 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5UsPVo1CYtLjM5it3gOQubOoCwAAAAA4AeAEAg&bg=!qKulq-_NAAbzJazn0yU7ACkAdvg8Wuf2My34dNBuUL6CoHiecSTzEB8YOBRJ2ZXkj7A9DQ5_8dI5uAIAAAGdUgAAAANoAQeZAyICSAd4kTJ9DdJGBPehKko8PT3gNMeupnZUz2RMnKXe_z3sEFFOf6MTp87hzDKqshIBj5v9sMrkkJmNlkWiKiX88QsqcXxUSitTeLmTmuK-yXMWDKSA2HoeyWyGrOjqUJNBJKP0FRdv2weWX3o_fYxc5Mr6z6xiFHlttYYCV-QbI0O0VryhYC0eMYrFNQjSTkiWpbTAXygSiAcKXmCtSwjUIxcCMeGg6GEl6vxnCBa5hi2wYk1PaWKUxgrVsQQXfALfuhxCMh5U4-DqC37I8EVjvuHzfzyxo0ijB5DMorEVhpTA81BLv-gZkf6bcYxI4HBOySXgMSpOi7A9W93i3-yDVPEVVGXfvcEax38mpjTbqIFiIpY3mGlre01SwOsfWzDQqjAR40JWcE7AFvtDcUxT9sbFBPMeUikYY47VQGBypQQt_0wKkUaTqh5vUiDFCUQzZdNLfjfbHxTJ8buV15RI0QigR15JHn2A0monsykh24c7xl0WGYCn5pC_pxLCB31GTppYBa_4h_WJVn9hyUSsAvUpBK4p_8b_5Z4aJ1eN4oG0FGl1N9jX55CcktZyVRW60nVFJASHxF5G4oa7uum5KYQ1lNqcF9V1RnblVY_RislbO-3LhfMG1zC2SdamHNCm4zzaOxvTiePDhNfIliybUw3YEw-AxTYfZS1oY_ptRznLBulyUASiCIsGGQlbB8AJl2bJcK4nGjHZuVonlNNthYD89CVB0CcaVua6X0-GAbN9iyErbCZXNRQzGu1gxm-C3swSZvruboNktFeUTEKLhMT6LM-3tXtcysI3tqzsj5e3cjcluR0rQ3-7cS6ZMUmNUPRvzZVbRbuL6X6_WpgfIJ2eKxR423RYhq6ZGktEwpRTvaelLv__7zpqyfIofr3ociUp5zEQdd255GWyOYtZfoac5hZTD6--EoxQTmpVJjhfRaMnNYZfOeOYohIfPRenRfPMlfeh9ho1MGiUv2WchoA4zAX981ST-aU-HJDRzYxZUgNzVQoqhXOkhtJ56Ze2D18X8_sRuNr6DNplD8Qz3M5KdN6aRATEALlkzfZD2JNL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame C4A2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
bundle.js
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame 3014 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=SG_mustsharenews_res_article_bottom_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 15:56:45 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 15:56:23 GMT
server
AmazonS3
age
1600924
etag
"72ce81d7d81987b2256ad6fa329008bc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
82367
x-amz-cf-id
qZOiACYkxPMURj3m6Dp7QGaNJByqXe265-RbWxHPy0neuw66dc1tBg==
truncated
/ Frame 3014 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed7e381673b83dd992d4654c3443aa68bf4768e8a5eaf5568055262846d93b58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
aip
adnetwork.adasiaholdings.com/h/ 		43 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnetwork.adasiaholdings.com/h/aip?uii=594864663768315816&tmstp=5274839987&ckid=0&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5810%3b%24wpc%3d5812%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5778%3b%24wpc%3d5779%3b%24wpc%3d5782%3b%24wpc%3d5783%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5975%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5945%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914%3b%24wpc%3d5443%3b%24wpc%3d1263%3b%24wpc%3d6317%3b%24wpc%3d6316%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823&acd=1648528727972&envtype=0&opid=f1cc0daa-f89b-4eb5-b38f-abb626dcb2fa&opdt=1648528727971&siteid=277322&tgt=%24dt%3d1t&gdpr=1&pgid=1027690&fmtid=44269&statid=3&visit=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.74.174.177 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache,no-store
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
view
securepubads.g.doubleclick.net/pcs/ Frame E0CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnNKqDB_X0dQ2vbYUPy-JhL_YPzf3IR_Aud3x1OdlW3UqVMMVZwSUy_3p_XSeYJYRnXEq08Syd6zQvj_XIorhESb4Z6yvh92qwaTp1Ing6uuEMskz6RPpb-wyc2DXJMTmZuxT0V038dM2r32BP9DSYdtYsHIPVs1akoMepE2bz7oN46vJb-KCHxxlsjqZvX-lYtsi27oyltrWL_BrqtuUsXMBzmXLcdcjxS_9Ompvzx159eFAWmclI_76XcfvsdMTMrv-j_AXG0u3yJOCI4pzrF-sXeVJ-dtWRJ8OMUeWBDgmR7hc5mCyYNsDWjPNF1ncuD0B0pNfm01NQiET2Bkf0weSrHX3K0CdWuUJbMySsjXAnylA-ymHtJtQ9cdBtz6FTBA5zkQ&sig=Cg0ArKJSzMEILSb3I4MHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E0CB 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7af0ffc3de156a3ebc7a029ad4e2866bacca70b6858e1f09096e3eb9143ddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53778
x-xss-protection
0
server
cafe
etag
3369154463304297098
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:38:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0CB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 4DC8 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame F53A 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame 0C1B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame DBFF 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 7126 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame 5AC6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=SG_mustsharenews_res_article_bottom_&aid=4948238301475243652223&rev=b5dbcaa&pr=un&bc=0.198&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10406292&crid=-1&ts=1648528726&bcud=198&ss=12&caid=0&unid=0&domain=mustsharenews.com&ref=https%253A%252F%252Fmustsharenews.com%252Fspf-arrest-scams%252F%253FisentiaPostId%253Dpost-1&rr=creative&fid=10&rb=0&g=0&cb=30937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 4C16 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 3014 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 22:25:34 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
454395
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
lFDbFFZqMqY5uWeo0L9SI9DcG5BBj3rAdSsOqKCacRzqsDtaeZv9sg==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 3014 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 05:05:39 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
343990
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
SpoDQLd9zb6XdhpA85uQPwdxwrNnrXs52jLWGprFusadxTrB99CQaQ==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=SG_mustsharenews_res_article_bottom_&aid=4948238301475243652223&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=21859
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame E30E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTE3NDQwNzU0NjYxODA3MTgvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzeEdiNGJsT0gxNmRyWVNpLVRNcGdGWS8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODExNzQ0MDc1NDY2MTgwNzE4L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/kF-owedN1BlPV8YXaYtBpYBReFI&nodeid=3012&group=cdg&auctionid=2811744075466180718&shardkey=2811744075466180718&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.87
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
fa85cd1b726221107fff7f87c414ae54cea1470f8e7d76434b918754d1db1ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1648528726
Last-Modified
Tue, 29 Mar 2022 04:38:46 GMT
Server
MMBD/3.305.0
x-mm-latency
2 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x98, cdg-bidder-x176
Connection
close
Expires
Tue, 29 Mar 2022 04:38:47 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=SG_mustsharenews_res_article_bottom_&aid=4948238301475243652223&rev=b5dbcaa&pr=un&bc=0.198&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10406292&crid=-1&ts=1648528726&bcud=198&ss=12&caid=0&unid=0&domain=mustsharenews.com&ref=https%253A%252F%252Fmustsharenews.com%252Fspf-arrest-scams%252F%253FisentiaPostId%253Dpost-1&rr=creative&fid=10&rb=0&g=0&cb=76909
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
moatad.js
z.moatads.com/triplelift879988051105/ Frame 3014 		314 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97d229cd97fec32a7c787a729642cfc14bfcd8963c84e00ca42d72d6dcc01221

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-akamai-origin-object-size
107716
last-modified
Thu, 24 Mar 2022 16:10:06 GMT
server
AmazonS3
x-amz-request-id
Y9D2C7G79X2QPKD9
etag
"b180738de1777a6bcc77fc947a928a05"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=6992
accept-ranges
bytes
content-length
107716
x-amz-id-2
TAY/V7bu/+rTVEEi95EQMeu8vJ6TyKzphTjmLMUc1RGvHYZ5fxW8t2mWklMqr4uwJNfrudlm6kE=
sync
eb2.3lift.com/ Frame A973
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&cb=74367
  • https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
b8ae8c6137098bbcd9e4fc58e47bf5f17cf499edacc9331ecad16b00784622d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-type
text/html; charset=utf-8
content-length
464
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-length
0
location
/sync?max=10&cb=74367&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpvpx
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/tpvpx?inv_code=SG_mustsharenews_res_article_bottom_&aid=4948238301475243652223&rev=b5dbcaa&pid=125401&unid=0&vid=1&sr=10&cb=46836
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
v2
mb.moatads.com/s/ Frame 5DDF 		302 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fmustsharenews.com%2F&pcode=thetradedeskv275874568748&ord=1648528727578&jv=567029324&callback=BrandSafetyNadoscallback_50601386
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.215.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
47d95f1c3b542e1288615cf7ae6ae57dd0d35f69e9337ff2198063837de5b24c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"c90ef37a1755fa79815da897b36ee3d4b4df40f7"
content-length
302
content-type
text/html; charset=UTF-8
/
insight.adsrvr.org/enduser/pie/ Frame 5DDF 		807 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/pie/?pie=20&vet=0&rtb=dD0xJmlpZD05ZjNiYTZhNi00MDU2LTRkNTEtYThiZi1lOWIzNzY5NjVjNDMmY3JpZD0xZTdubHpwMiZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE0N2EwZDU2JnB1aWQ9JnBpZD12a281MG9uJmFnPWE5OWpjY2gmYWR2PWt5d202encmYnA9MC4xMTcxNDAyMzMzNzk5MzkwNzk4MyZjZj0zMTc2MjgxJmZxPTAmdGRfcz1tdXN0c2hhcmVuZXdzLmNvbSZyY2F0cz0mbWNhdD0mbXN0ZT0mbWZsZD0zJm1zc2k9Jm1mc2k9JnVob3c9NTQmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1lbiZtbGFuZz0mc3ZwaWQ9MjE0NjgmZGlkPSZyY3h0PU90aGVyJmxhdD01MS41NDk5OTkmbG9uPTcuNDgwMDAwJnRtcGM9JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2RIWlhKdFlXNTVHZ0E0QVZBSGdBRUFpQUVCa0FFQiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTUtPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrZ0tJV05vWVhKblpTMWhiR3hOYjJGMFZtbGxkMkZpYVd4cGRIbFVjbUZqYTJsdVp5SWpDS1hfX19fX19fX19fd0VTRG0xdllYUXRjbVZ3YjNKMGFXNW5LZ1lJb0kwR0dBdy4mY3JyZWxyPSZpcGw9LzIxNjIyODkwOTAwL1NHX211c3RzaGFyZW5ld3MuY29tX3Jlc19hcnRpY2xlX21pZDRfMzM2eDI4MC8vMzAweDI1MCZwY209MSZncmRjPUNBRVlBU0FCS0FGQUFVZ0MmdmM9MyZjeD0tNTE3ODg4MzYxNDUyNjI0NTMwMiZzYWlkPTBkMDIyZGQ5YzI3OGEzNmJhMTViY2Q1MTcyMDEwYjE4ZWI3NzM0NTMmaWN0PVVua25vd24mYXVjdD0xJmN4bHZzPTAmaW09MSZtYz1lYzhiYTRmYy0wNTJjLTQ3ZmYtODZmZi0wZDdkZjc3ODdlNmYmdGFpbD0xJnN2PXJ1Ymljb24mdGFpbD0x
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
pixel.gif
px.moatads.com/ Frame 5DDF 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F6538174354311107868%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D3Jo4m0P05Z%26t%3D4%26renderingType%3D2&i=TRADEDESKV3&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24X%24H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-150pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-NQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2F&id=0&ii=3&cm=17&f=1&j=https%3A%2F%2Fmustsharenews.com&lp=https%3A%2F%2Fmustsharenews.com&t=1648528727578&de=666547277844&cu=1648528727578&m=658&ar=9f397fe3151-clean&iw=275f53f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=252&lg=1&lh=72&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A696&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=146&cd=0&ah=146&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=vko50on%3Akywm6zw%3A0a7a8j6%3Aa99jcch&bd=mustsharenews.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=mustsharenews.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=mustsharenews.com&zMoatSubdomain=mustsharenews.com&zMoatJS=3%3A-&zMoatCachebuster=807386&zMoatCreative=1e7nlzp2&zMoatDealID=-&zMoatImpressionId=9f3ba6a6-4056-4d51-a8bf-e9b376965c43&zMoatPartnerID=vko50on&zMoatSite=mustsharenews.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD05ZjNiYTZhNi00MDU2LTRkNTEtYThiZi1lOWIzNzY5NjVjNDMmY3JpZD0xZTdubHpwMiZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE0N2EwZDU2JnB1aWQ9JnBpZD12a281MG9uJmFnPWE5OWpjY2gmYWR2PWt5d202encmYnA9MC4xMTcxNDAyMzMzNzk5MzkwNzk4MyZjZj0zMTc2MjgxJmZxPTAmdGRfcz1tdXN0c2hhcmVuZXdzLmNvbSZyY2F0cz0mbWNhdD0mbXN0ZT0mbWZsZD0zJm1zc2k9Jm1mc2k9JnVob3c9NTQmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1lbiZtbGFuZz0mc3ZwaWQ9MjE0NjgmZGlkPSZyY3h0PU90aGVyJmxhdD01MS41NDk5OTkmbG9uPTcuNDgwMDAwJnRtcGM9JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2RIWlhKdFlXNTVHZ0E0QVZBSGdBRUFpQUVCa0FFQiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTUtPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrZ0tJV05vWVhKblpTMWhiR3hOYjJGMFZtbGxkMkZpYVd4cGRIbFVjbUZqYTJsdVp5SWpDS1hfX19fX19fX19fd0VTRG0xdllYUXRjbVZ3YjNKMGFXNW5LZ1lJb0kwR0dBdy4mY3JyZWxyPSZpcGw9LzIxNjIyODkwOTAwL1NHX211c3RzaGFyZW5ld3MuY29tX3Jlc19hcnRpY2xlX21pZDRfMzM2eDI4MC8vMzAweDI1MCZwY209MSZncmRjPUNBRVlBU0FCS0FGQUFVZ0MmdmM9MyZjeD0tNTE3ODg4MzYxNDUyNjI0NTMwMiZzYWlkPTBkMDIyZGQ5YzI3OGEzNmJhMTViY2Q1MTcyMDEwYjE4ZWI3NzM0NTMmaWN0PVVua25vd24mYXVjdD0xJmN4bHZzPTAmaW09MSZtYz1lYzhiYTRmYy0wNTJjLTQ3ZmYtODZmZi0wZDdkZjc3ODdlNmYmdGFpbD0xJnN2PXJ1Ymljb24mdGFpbD0x&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=21468&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=1&jk=-1&jm=1&tc=0&fs=197724&na=1955905923&cs=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5DDF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaXBR6bflAuYTjitbDplaI9mXLwsFLVu389BB6297ssBjy9rbycCgQTK2M1k8ZcO9DIIMSPIsWVsqnUOKIgihhMUeRClM45iVYCD1jCo1DBWrEy-_TUVRuLm3C4faZOHNXGp6RfZsUaKt2BVh3HagXlks&sig=Cg0ArKJSzJTiLHZbUax6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=670&vt=11&dtpt=427&dett=3&cstd=241&cisv=r20220324.13822&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4DC8 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e089139fe4b3ea9eb5935d47116ee201051084aa328f2162797c90c94f7916e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5632
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B8A9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEcxDl-Lur7MxChvfSTXAg9CjtTNAJIp4rOvJ4Znh59FZrtKElB6K8XQ3tiyS-Ju4MVJRVmpbtDsv2lZtvatl_q1roEnLX5lmvo18oCaF4vYu_gd96SO6MeCxjiSGEhj5DKycE8xlLyT9G2BLJ9GnUfH4&sig=Cg0ArKJSzPi2fRhABErvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=607&vt=11&dtpt=400&dett=3&cstd=203&cisv=r20220324.48911&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 72E8 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVzGeZUpi9Y2J8r7CX4meaREGPY4rvbo1HnXiLvLSW_b4lLHyDbKlMzJdAmU1l65HGgO0zGBFEaZ8_V3f7oNpAmYLUftWJeX25Tc60-XiSaGadeaC9Yd789U6yWHGCEFxTVYjui0VgxR4wXlvE0LYtP48&sig=Cg0ArKJSzNNGWOziYVC_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=549&vt=11&dtpt=374&dett=3&cstd=172&cisv=r20220324.47881&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame E0CB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38901dc7deb0f1152f37944c47ec398a21ebd0f025c8b488adb91b57cf925482

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame A973 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A973
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame A973 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A973
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame A973 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3642358105815023776598&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 83AC7A4DDA864131963C64E592013E05 Ref B: FRAEDGE1419 Ref C: 2022-03-29T04:38:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbVAFDPMLLSUZWieKcPA==
xuid
eb2.3lift.com/ Frame A973
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3642358105815023776598?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-5NoGt7JE2oTt3tUjXj1xNX9F5gK7DsuUEdRuXg.BzQ--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5NoGt7JE2oTt3tUjXj1xNX9F5gK7DsuUEdRuXg.BzQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 29 Mar 2022 04:38:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-5NoGt7JE2oTt3tUjXj1xNX9F5gK7DsuUEdRuXg.BzQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame A973 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3642358105815023776598&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.56.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame A973 		42 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3642358105815023776598&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD1635DEBE00438393A7EB78E0D4525A Ref B: FRAEDGE1518 Ref C: 2022-03-29T04:38:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame A973
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3642358105815023776598
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0WHVP4N0SRKZZZEY2ERG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A973
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=74367&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ Frame E0CB 		296 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c47e3277e17f3fddae257e83adced71ea8eed89e4f58db09a7b34ce79ca035a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109243
x-xss-protection
0
server
cafe
etag
16193964174371263485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:38:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DBFF 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff91319a15480671e00ede786d29ccc0e5c03abf19687b87f75234750f400718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5562
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4DC8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
uten8uck00se
hal9000.redintelligence.net/zone/ Frame E30E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=0&gdpr_consent=&rnd=2811744075466180718&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e94f9bd95f45eaa53082fef37888ac8e26ac23858d1d92da1d4f762943a7dd70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2876
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame E30E 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=2811744075466180718&v3=1129274&v4=11142481&v5=10406292&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTE3NDQwNzU0NjYxODA3MTgvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzeEdiNGJsT0gxNmRyWVNpLVRNcGdGWS8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODExNzQ0MDc1NDY2MTgwNzE4L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/kF-owedN1BlPV8YXaYtBpYBReFI&nodeid=3012&group=cdg&auctionid=2811744075466180718&shardkey=2811744075466180718&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.87
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4267 dd20a5c master cdg-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
X-Akamai-Origin-Object-Size
43
Server
MT3 4267 dd20a5c master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:47 GMT
img
tags.mathtag.com/event/ Frame E30E 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=2811744075466180718&st=11142481&time=1648528728&nodeid=3012
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTE3NDQwNzU0NjYxODA3MTgvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzeEdiNGJsT0gxNmRyWVNpLVRNcGdGWS8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODExNzQ0MDc1NDY2MTgwNzE4L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/kF-owedN1BlPV8YXaYtBpYBReFI&nodeid=3012&group=cdg&auctionid=2811744075466180718&shardkey=2811744075466180718&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.87
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x26, cdg-bidder-x176
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 29 Mar 2022 04:38:47 GMT
js
sync.mathtag.com/sync/ Frame E30E 		1 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTE3NDQwNzU0NjYxODA3MTgvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzeEdiNGJsT0gxNmRyWVNpLVRNcGdGWS8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODExNzQ0MDc1NDY2MTgwNzE4L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/kF-owedN1BlPV8YXaYtBpYBReFI&nodeid=3012&group=cdg&auctionid=2811744075466180718&shardkey=2811744075466180718&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.87
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x9 config:1.0.0 /
Resource Hash
c888ee94c1091a6d462433d7e5c71b872d53992983459bab21ada8d50efae413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Content-Encoding
gzip
Server
MT3 4267 dd20a5c master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Tue, 29 Mar 2022 04:38:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7126 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38c3867a05bb09eb21b66966afa7a8651a22781ce63d09cf362a697d543562cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5503
x-xss-protection
0
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame DBFF 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame DBFF 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b40eb0180e01e389b252c7ea71410958e9e6243d2b8537a5c87678c8f17ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=OiYnaY1gWQ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:09:35 GMT
x-content-type-options
nosniff
age
37753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38029
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 10:15:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 18:09:35 GMT
n.js
geo.moatads.com/ 		112 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrBEe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-BucHbtgGjXtDL%2FZR7NeP1dVlogBIfVcrVAZRAnlp9pAdeA81EcR7fkgw&rs=1-Vbb1JxNzs6uFgA%3D%3D&sc=1&os=1-GA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1648528728427&de=580756898963&m=0&ar=9f397fe3151-clean&iw=3341c3b&q=2&cb=0&ym=0&cu=1648528728427&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=7207%3A125401%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A4948238301475243652223%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&id=1&ii=4&bo=3690&bd=mustsharenews.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A516%3A516%3A1180%3A768&jm=-1&fs=197724&na=1434326614&cs=0&ord=1648528728427&jv=613403695&callback=DOMlessLLDcallback_89369741
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.215.250 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-215-250.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
d10c1183003782a33b7a337ba76ca6f8f6413ede8d62210a01f16ccc5b0b6ef5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"5926495be0d88620399c3276431bd63692fba01e"
content-length
112
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1648528728427&de=580756898963&m=0&ar=9f397fe3151-clean&iw=3341c3b&q=3&cb=0&ym=0&cu=1648528728427&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=7207%3A125401%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A4948238301475243652223%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&id=1&ii=4&bo=3690&bd=mustsharenews.com&gw=triplelift879988051105&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A516%3A516%3A1180%3A768&jm=-1&fs=197724&na=855555413&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DBFF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 7126 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220203021506908_WW_0222_Prospecting_Program2.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 7126 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220203021506908_WW_0222_Prospecting_Program2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c00d3a9de81abc6d454395f4b79c38014e46064f5bf6fccf495d9b385510cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=nnnnUGiLlZ&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 01:30:28 GMT
x-content-type-options
nosniff
age
11300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12456
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 10:15:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Mar 2022 01:30:28 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 708D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7126 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
ping
pagead2.googlesyndication.com/pagead/ Frame E0CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mustsharenews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
request.php
hal90002.redintelligence.net/ Frame E30E
Redirect Chain
  • https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=9991301684516&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
c58ed6de66e7106cd4b0da9734f860afe7c4c65e73fd77da72cff572c5a312cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
68229800019956404380390011913002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
331
Expires
Tue, 29 Mar 2022 05:38:48 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=9991301684516&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 29 Mar 2022 05:38:48 +0200
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 5C12 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fmustsharenews.com%2F%2Fspf-arrest-scams%2F-&i=TRIPLELIFT1&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrBEe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-BucHbtgGjXtDL%2FZR7NeP1dVlogBIfVcrVAZRAnlp9pAdeA81EcR7fkgw&rs=1-Vbb1JxNzs6uFgA%3D%3D&sc=1&os=1-GA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=280&w=336&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&id=1&ii=4&f=0&j=&t=1648528728427&de=580756898963&cu=1648528728427&m=66&ar=9f397fe3151-clean&iw=3341c3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8552&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A516%3A516%3A1180%3A768&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=48&cd=0&ah=48&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=7207%3A125401%3Aundefined%3A10&bo=3690&bd=mustsharenews.com&gw=triplelift879988051105&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatTactic=undefined&zMoatPixelParams=aid%3A4948238301475243652223%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&jm=-1&tc=0&fs=197724&na=869100658&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:48 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E0CB 		221 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mustsharenews.com&callback=_gfp_s_&client=ca-pub-9994647129360327&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4c61f7f5ce76a7f1becbac5015791c55c77b5101be0f6421f4d06e74ccd5fbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E0CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E0CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mustsharenews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C924 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b90b383e486a8ccefe049feb886451043085f53df574c9947e59bad772eca5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Mar 2022 04:38:48 GMT
server
cafe
content-length
11249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 4DC8 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220317072610540_WW_2ndChance_NeuesLeben_Prospecting.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 4DC8 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220317072610540_WW_2ndChance_NeuesLeben_Prospecting.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21066dd1052a0cc3cc6d40e20caadba8f798380d59166e9b5ea75f4a859a472c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=3Jo4m0P05Z&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:52:54 GMT
x-content-type-options
nosniff
age
67554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30753
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 14:26:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 09:52:54 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame F3F0 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF11 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ev3
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=4948238301475243652223&sr=10&uid=0&type=mi&ord=1648528728427
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 708D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1LxsWI1CYpKQBNGR3gOC74iIC_7T969czs-92OoCwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBNECT9CXz7uy1vzCL320qsBO4rkcOm6NzctCrsNJ2CHJ1W-Pr880bv9Bunlfw7QdjX92_76xkFScZ0Okk2f3s26s-dSLShb43ROI7Aqb4bYEqGVLGhicB4sN8BZrm5MRr0PRtlnPDL52pqsltwuZp45OZJbQ7EligQaZDtRIohFb75zPKimZmrUEfsE31lHnLpfC7zfQZh2M8obMTCxCTsXtN5yWisbCR7x-XouQuTSlnQi7HnyLePoQvln8qs5jsLIUxgUxKWkr28XwKNRKPUXH7rjlaoJwLBho32QaxTfoqNmi2ebGs1ScqRXg6ssknanU6RZd3XFyS9TC8vTSx1Xx_pojLL5_I1fqxc5_NaTRal5KCHMD4uV5eWaRIGtdKr7_gq5rRT0Tw-lEJKyaN3hcljpOELztQrV8B8DabZ0PzuXJAn6jQJIKDrj6L3sJhQNlDuAEAYAG_97arYSzrpn7AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yODA5MjA3NzM0OTA2MzY5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=Cc-w23akZwo&uach_m=[UACH]&cid=CAQSOwCNIrLM71eYQeWEs_FhrSDZxBufyk-HhX25V51UQL6k443YNOVpbsjf_3kUWUyMsBCacPGCJ5nISzpFGAE&tpd=AGWhJmtt9xepCCe9xiYKFaGjH4whU4duBoQ9-flLblXrGxS5CvBpVFEJjQkfdQfeDcD7COW63ucQ9cxkS4Y7LspQxFj9W60mcJlaHcpAQnVXoRfQD434qBzmskGEgishc6asVMUReU6nRBD4y4_Nj2bWV16Cl9NZir5SCblMwZnrcfw1yab2-H_iLu1RMHhJW4QY5zWe_XY1naO-h-Rc9yzSuKl150juNJWRwfaQrOlRU48izTVOZymtypDqn15bbrA_wDcck-7wQucjFT0hik05ulcJdEXb1ntv0apywAKJMkwcKgDJu-9JiIxjgm4ZvHgwt9TpOIGNnQUEsnNEWB51Vuc_lrPjcrY0MlqwPBcy-4xq0f8NnbMkCF_PmGUKxwgQMEZ97wH377_Jyh_CSowcnsWw-C898o0_pYVrPUhuE1kIl2no4auX53FAnrCFotqMiQ1voNB6tUaBZnYq9iYNtCP5ALIHWtgxUFS_16t3WDweKPHDo6liXm1mHK_0Vfrvz2ioH1NOAYmSzKsOz9FID4ZKgD1BXlN4_N95bLNYjqh693TtK3Ovtv9ISBqLyroard6JpNvP7v5s-QrgBF3nzcOv0P7XWBZ6-2QIWG_UUNj9B8K5fCTyfaD8lUQ8qoH0eUuyxNPrQrKqmElTcTpcuJCR2jl9ikgb2D-Ra8VAAm8NdD2ioqkSZbTYRRQO-EAQcF5rYCr5Dck7YjGJX2yoyn81_9F3nLaxXSvK9FbdSSL8Wfvr43QKkFpndoyXT4KDNvMFRbUcvi5KdnqLT2urJDrNdBBL_moDf-5ZufiSd2vubDW3Y_DHgDVaydOkU0uIFOjj49V8NxoLxB7UUu5ZoCSaXcFryFtJZCiBJocQbLUP6veTOxSAopKnJPhTJ0Z5zt6-IXC-yXmMBuaCfg
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
v2
odr.mookie1.com/t/ Frame 708D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame 708D 		44 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIjUnGoHM0%2BXOmdwC7w4V6ZEmp3AaQDI3tE1eLQt20%2FZzL4%2BWO0o%2BcPeS1Gjuqeyr6TFE0tR86E%2BvACVPgIhONQ3I7VXRU8IDtn9RoIDotsXqcYp3lgMR8F96x0cK2atO5HT0RH30tkbTdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb0a8bfe54d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dcmads.js
www.googletagservices.com/dcm/ Frame 708D 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 708D 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=bcac57ba-256f-4730-a561-96e6799f99b0&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d58&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=1AegsAHBs_C5b9HtC7_Ky8riQpuPno5CCCR0AmqQYQ8I.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.570000&lon=7.440000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_right1_300x250//320x100//320x50&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=73f0b397717b7c40b7ef610d24fbb7a863c2ac86&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:47 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame 708D 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19533
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
S42ReOxLE_WMxNUg_X5eO3gsxB78UVzxIuMi8phDKswr8SYyLVhdBQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 708D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 708D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 708D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
l
www.google.com/ads/measurement/ Frame 708D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV7VvZ7_0q7X69dX4SmlvugyByUrvZyAA15txUySvklcgwnmBzS-JWMmNf5YeJ_AnK-kD_pvj2lBL2zH_84CX4sL2B8Q
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 708D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
ca
choices.trustarc.com/ Frame 1B3A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19526
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
9hXQs5cwik-ycQlifZzG_nmPddsTwqYlWFiFQQDHzXsQmEfPtl8u8A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 1B3A 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16854
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
joNGiAVwnPqxno4MFO311rso5nq-dHdLIgIV5dSa0lQcz5YpZ6Xf4Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 1B3A 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=d4b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
Xw8cVkLxrBei7JuJehS0nGRRp-EBf6tjxUgJ81mrIo549qWTxhgukA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 9FA4 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame 708D 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BF11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtH1MWI1CYpvkGMjf3wPhgISIBf7T969czs-92OoCwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBMQCT9BEUZrUnktPkx0O31b5D6-WairHkybXDWkQCd_8P8BmisjBBJlCID3fMpLK_ZUack_Qs_N7gO2v0ZL0t9DvhlqwCGhZ1SVG6w_0XDZGoCjebNuNPc_En8vCCgPs1EDa_SwVqN-A63OCqYWMm5qDBbLnk2tOiJHRjHe3ehzNBE6L5uqjWt_oKgE3CMAsaGV3ysOinDearhhlgevUUSq56TF6zYPlobWwbbqBTdVR9lGHuOt_dGcQlgrvTHK0alLJlKmIwO68gKcgddlexnM0JwnJojTkuIzHxd-HEf2_AKVyqgjA-VwcmwUuRXueGvJJEEAA5aUGHS1gqg8klOwU4nO0m1tiaLX71IGmVpjkT6lqo0jD4AqybdJpEuG5pkv35xxn2Ie2Gu3Yv08gQwl4Utz9J_fnG10uvuV8fu7iiZf4So9f4AQBgAb_3tqthLOumfsBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4MDkyMDc3MzQ5MDYzNjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=BCcD2Zl5ZVg&uach_m=[UACH]&cid=CAQSOwCNIrLMnBvozPORVV_QuZ7XK-JdHao9okzaIdLVmYJeadMi3pVhcY-D-hx4_UUX3gBXcT-nBy0vrS_JGAE&tpd=AGWhJmvElaPL6BR1BvfhCvsnaTKqVEEib5ST0DSJjRQx2OpySWDywABA8PoscIfPd4gUF1h9IvDLi89DCn4WglJbloDKrhpjidA275BKf50vqT5NXxgZL63VycY_zmPMKgZl7uuG7jCviqkwgxnfecmlkZFse1ELqSg87BDEKT6424c1-qnGDBZF3Ic3CCcLcUhtPkk1d-n6JV2KOAsd7YtlyBMHPeN6Ekn6ELziXBViKZZgJZ1Pwz38zccZ1Yc34b7POgXGb93Tk_4exDcOCErYcHeA4p0epp4gl_iXl9RceAwgohNs1bomfuVjcKmTpJqybHMYRx78s9bgzibDrjrfD6mk4zMVr1YzIGo_2xsgBuzKBrrhzJ0oXhC_5iiL4PfwBVCWBfPiLXtWHj9bwOSR3aIYgo0uu526IjB4L0TnZH7_AGtt0B6UZKkwj26YJ0irQa1zRT4JiCTF-XbHuiK1wM1q1nSCK5n7rKfHPCt1VaNWD0bmgNgDDdVZ76tuv-sFYwzSjVati3f3t2-UQe_8cd-arzT6WPsE3OLKBnap8-EBKZY6POZOeK641K1QKIVo0LCqZmdqvWiYRHJnyobyiqTAF8WkSMiiuhKi1GtpFSnlRlMp68Yrgpm8bEaouNBRWaFpT0OvRTDUzBxBUlm-E08XTNnwwWZbNf7TFozA6nnr5J2-ql5PwqGyTrq1OwkPKf-YbjM-m4r9N5GBkHXRwMz_Y_hMXq9JaI4YWxE-iLpR-7vfN42BfeBTbBLdDAQA3vdYg01cq_4xvmOqW8-jhtIvdK4SGSCUCQZ-cj8QafJzivUF3JsigWcia32QZ2Z4zqj_2VwjbWZ-712h7mBst02APZPuchsrk4SM3JHh3dIskZBgyTfmmsL_08mDVLSyF0ns8t9-9v_vISxT0Q
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
v2
odr.mookie1.com/t/ Frame BF11
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://odr.mookie1.com/t/v2?tagid=V2_2087&src.visitorId=2666c1fb-f4ba-4414-8244-b277cf67c3f8&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
v4
metrics.getrockerbox.com/track/ Frame BF11 		44 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v4?source=weight_watchers_subscription_germany&tier_one=ttd-display&tier_two=0a7a8j6&tier_three=a99jcch&tier_four=1e7nlzp2
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.58.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycU4zqoW5NN6dIBLtOD9EwmnlKmqyGVS6c1Z4XW%2BPoZLD6eULNd6%2BiKII7qAsNrv0y9Y%2B0iEz2MjTSJTRBRcal%2FYPi03mxbTn%2Bp4zoEm%2BedYnHGOO8YG23%2BVWonAR93Ucf60HTCRrexNMug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6f35eb0b3c4254d6-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dcmads.js
www.googletagservices.com/dcm/ Frame BF11 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 05:14:55 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame BF11 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=7c6fa279-7e79-4460-9661-58436b314bf3&crid=1e7nlzp2&wp=D73D2D86FA739BE8&aid=1&wpc=USD&sfe=147a0d58&puid=&tdid=&pid=vko50on&ag=a99jcch&adv=kywm6zw&sig=11JPEfLLuvRXxTARC1wSttMF2R6zXLEWpc04NY-1KARs.&bp=0.11714023337993907983&cf=3176281&fq=0&td_s=mustsharenews.com&rcats=&mcat=&mste=&mfld=3&mssi=&mfsi=&uhow=54&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=21468&did=&rcxt=Other&lat=51.570000&lon=7.440000&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.&durs=dwsLA4&crrelr=&ipl=/21622890900/SG_mustsharenews.com_res_article_mid2_300x250//336x280&pcm=1&grdc=CAEYASABKAFAAUgC&vc=3&cx=-5178883614526245302&said=00058a7c521b74f2aecb1ebb65eedd1cf59f6a8e&ict=Unknown&auct=1&cxlvs=0&im=1&mc=ec8ba4fc-052c-47ff-86ff-0d7df7787e6f&tail=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame BF11 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:15 GMT
content-encoding
gzip
server
nginx
age
19533
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kwgnFy8WG9RoVb5DeJI0HSoklxLGIA3iaht5VN27vWfo7VtNndcGHg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame BF11 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF11 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame BF11 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BF11 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame C924 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C924 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame C924 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
l
www.google.com/ads/measurement/ Frame C924 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvrKsNX8Ty6BdwNpy3zix2BVGFxcSGwMEloLoeZ8RI7AATrlNT3wRU-y1XUsGavJ5if_1OISZ3cfOAbbeJxcncR0g19g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
request_content.php
hal90002.redintelligence.net/ Frame 6BC4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=68229800019956404380390011913002&a=20d2ee0d
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=e453ea516c&subid=&uid=7fcda80630b36993&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652223%26mt_aid%3D2811744075466180718%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=9991301684516&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
5083f81de3f6b142f6ece9933a02c3b52b2cf4e7b57c3aa3fb7584950459f4ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 29 Mar 2022 05:38:48 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1420
Connection
close
Content-Type
text/html; charset=utf-8
iframe
sync.mathtag.com/sync/ Frame F393 		629 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x15 config:1.0.0 /
Resource Hash
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4267 dd20a5c master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Tue, 29 Mar 2022 04:38:47 GMT
Content-Encoding
gzip
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO26zV41CYq7jH9D-7_UPq6ixmAEAAAAAOAHgBAI&bg=!0NOl05fNAAbzJazn0yU7ACkAdvg8WjpXhWWoYBfRVbgfxumLphDaJm62ukmg4twYrozJ4TmIA-Wm-AIAAAJnUgAAAAJoAQeZAxyxYB6Uz02AL_sqJPcYumAYgPybuFybGNWJ_BY0zccsGFdKCnQm6ivFXXhBc0P5eP8oENZ2i_Bp46HsLO80_jjg70euvcOtPAp9G5i7hPwZcyYAQeVczO_gEpbMuwRBLDYHFEAjpaUoWm5D0Oe-JpOmsd6GUtc7hxSMCHxWeTMbwS367nvj8BjcBtxgz1kxRY36bjMXvP3OVXwim30kZznUOWaXlDpHyn6FFSLByVhEMnMRjvHNb_CeA8L-f7MLmi5g281J64bKDWIwcdkPj1pENjVBcGbVzoTtMhRRBDNKI-yLvrch19qX4jIYBoVWAoigMfb2em3lYl7giZC8_GIbofFj6_1Vr5oAbn4IPy9QS2VTXbsvFcpaIArj7M8IL6DzHwBA2SsOzxWx5jQzQjNbkZy1sOutJbYmI6wsXxoxtv7NaPNOeqE7M_f1EpNqTKIVOu07LLdYlMlDVtoKaHw1FD3lA25jIofbSO7rphBPvRXUkP4kZvCyZrLj7EMC29JRyv1EDeiVTeQDWNS0WAcrKAy-mm-LPRgNL4hw1MHfX6bVQ0u__iR_jWPmUpLb1tMkWuMohEuQzbInCQNbemoNrETj1bC6UKtLsoZkB5cfaMa5Vc4xQ-dhibCY1Eg4AMcRI-G6N0RoeLVykHQj8e-sBE5oeZZ2aUGWBEanIdXMkpSvkjY7u1HCtM6gonrPU51tbEttCl6W0Oip2CDb-zyZkYJZUv3dsnKLOoi0nU-EtJYi31x7hCn1FNW9OUpJLy4_409sodDBG4mxDL9vRXVWUDMcMM-Eo2kQDxOIDiFxwZmW3twKaEeEBUJMhZPUGlQQO-vGy0gR6egTrPd6gk0u0dmGROcfJzblq3A8JCEwlGSjhqjImppX2vH2bQfcmvxoLtRiSAg6uO5tIUUeJcQ0twdGWLjLiNh9XE7CiYWEyLpXjr02J_FdfLjtkddY2cCralA4qkZDzPDKQP30W06tKI38kx-sFo1tpNJrVlQciyV154j0-DId8tGug9mdWridHGRuqL3Fn4bvkorvjrAp45ODrrBE4EgUVjm-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C924 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0oZsWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTuAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZDywS_Ee9p8YQmmGOdeaGcxMcCQUaz6_ls_KKWX7MdmQjOW2Iia-ABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05OTk0NjQ3MTI5MzYwMzI3GAA&sigh=Uy3rHp5LB0k&uach_m=[UACH]&cid=CAQSOwCNIrLMo5N1cEp11VYVaWBus3XRwZ7oo7xDZKVZWRV_U2IYgfqjzkxDIh3Ll49_KKjCWx7qRFri4h4lGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 29 Mar 2022 04:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame C924 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UP2jEt6BMNgFWp2DYgICAAAAH72VpOiTClIQWI1CYggrdyKeGomfqskKABI&wp=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
server
Kestrel
server-processing-duration-in-ticks
303917
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1B0C 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d2aafd9792387807d3b2f2ba08b7df604c75cad6a5ae98d4c999fe0ed4100871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 29 Mar 2022 04:38:48 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nZQUw6qwitWduzSmVnNtNHD69kLk1c2-l0Pi1ur5vJ3E87xrUxKKpsiJVb0dvY_eynMotd4Z1_K2KtNeVjAS49BJIEorepNWML5KVvSS0AAD0R4GwC73mU2cvC_5Suv5HahAcvoAe112IZQzz0CYg_1P_pWAj8HsHChmwGV1CL3wafWm_zr0-7sQ9Vv_i_hd6fJZC_kploTz4b71mczSyBjwcFDx8JfStpdPsNXmMYZRVdBimL6QS5OQBSmR3fv6fs7WBZHe71Su0MBb"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
5123397
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 90C5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81904
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img
sync.mathtag.com/misc/ Frame E30E 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:48 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:47 GMT
impl_v85.js
www.googletagservices.com/dcm/ Frame BF11 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
B26791739.320447811;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2328675810;ord=lch0hf;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbcac57ba-256f-4730-a561-96e67...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame 708D 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2328675810;ord=lch0hf;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbcac57ba-256f-4730-a561-96e6799f99b0%26ag%3Da99jcch%26sfe%3D147a0d58%26sig%3DEB3mJznZF3wZgugQXJOmx7zWH-QFvy404fen7ChTDrI.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_right1_300x250%2F%2F320x100%2F%2F320x50%26pcm%3D1%26ict%3DUnknown%26said%3D73f0b397717b7c40b7ef610d24fbb7a863c2ac86%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=104;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
37f93f6690824193907dee75febefdfa4c67b30f415cbace49440f37980963cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27198
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C1B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo4f4V41CYprnH-iux_APtZ2_wAcAAAAAOAHgBAI&bg=!6-il6KzNAAbzJazn0yU7ACkAdvg8WoowYC56AwEmYLPEv2Pg3EJH9nLpH1Aj_kgkcBUTW1D4xgfeMgIAAAIxUgAAAAJoAQeZAxtIAIkD85IuwJ_vmR4Ofo0HkolxFr2VPQlHY3vnOzkjhCfeqfL5p7B0lhZ9G_r7D5HxcQ8TZNZIMVAWDk545RB_msOIpZHnWIgHWZiIderiHtBgK6rUa2_gKDNgHCM-iMsdIhGdm__4E7cn6xBBNemouder2fZPLoWiVIYFJ7CVrxPD6y-OMjWa5xRJle9qb64elBqlpELpKhKR71KAOd9bzLAxN-I9_OQu8udWXAOy12cCZ8-twTuDoKMgXAx7gaKxnVs7yy5RXaeiQiwxQvCNOSrzaYyK98c_GpZgxSmhTdk4ecumOtJiUTwHH7k0-JCRkom9WHMGy8OPG6L2wpr9q1RFh7BsV8L-_tWs5bRv0RQ3iIoqwD8geWi3FJcGiARfl_oNXsx3_iIhQv8DY2_LuSYQk5s1kX65t4gnom6327bsfVoIJLuQ3UF9dqHaPEIfTukIB72KaXr5aI5ikD3jp-lE1AEua_xIP1iOtwdnB2MDXYd6J3IU5hOxEmrSkl_HvqtL6MzPfyel4e4XeuYnHY80VhuisWUCU_00mYNjdZH4armkBRhog-6R-7XJN8YuqcMoRgue8iXS_YW6E-n4ofZ14tejXEVw0MhH7hlUzEYu_Yhabx7VE_pl5BF-ip2Aczx-KK5j7_sqPsTLpCTDq-fi10E5ZFKLPJl0nn2Q0VBElFLuP3Jx-vWt2iQuY2Kj5s73zwZRVI2S7q4iCTw3mDAZ-8BOjcKBjcmVQhT1yYS3bRcQjiG9B6f_tDlNAEd2RV8uUaLuHwxRvRkjf8K6WxoSjVEQYI-lOczI7DjjX2SZrbdCpycwLTb11vrKHngoCvwD2PfDw0AbND21XbZ-Qfu7ssMYHDBk7C1JwnIV4g-LjY1921VgHdYBLM7itwMUlQD3atHyMfPjC4KuIr5l3I9upO9dDyGx1tmjnPO4T_C5T7Cx7Ub2Dr1HMSmZzZrZCH7IL_Vhmyu4b1bMoGJY7LPzziwwsQIv6xVNyZWncicRZ4IQI9xqy5Wjec9hdMQDAxXJXHiU0sUvJFvunLFTq5UclLvQMQt2L9U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 1B3A 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
e1gjNAv4STPLNfNHzti5l59TSMtaLJAgNS0mXXWcyNuNvlUqUgGVqw==
expires
Mon, 18 Apr 2022 06:28:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AC6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0UZDV41CYsXvIKaR7_UP-pGMqAEAAAAAOAHgBAI&bg=!QEOlQwfNAAbzJazn0yU7ACkAdvg8Wq-HvD_-iZ6w2RaiPovvQj2sV8DJx5qYqyssfT3UGg3CKjQstwIAAAIjUgAAAAJoAQcKADKr-jlagC4tzbXfhYnZF1RyXdOLVvtIxbBOYqb0j1jaEAElUH3kwxIG67UeM804XEIY2ZkDMVUh18upOrlg0zs037yR9N30ezAKhFjTA5Izkze3NoOpzowP_R238svh623j3abl8_yWPgYr-xgaq5pTXD54NgF34F8na6ubGiufUCp1jG3hGxMcy0xjdPIQ7aoAWmE2Gf_1pnLYM6YCDIOm7x4lh04caY-I_OuxBPEqBtrzzS87gQOkfS7P4MNYPBMUL3GrQAyUNyYODrc9r27wATzNYWmEMOrHdjc01WskwnAoR19OljGbw_-Kafjq76yE2IaX0vv3NtA-EUhIC9l1PBcYlzqako7fKc27JKQQDFE8LG_nFkWpB7xqYxjlkxhBZZeUfu67Wuwp5EkK6kfvjAHtalZzpFB9sEYyOBWggTpCAL9p_pfz0l6WbcGgpIkPyMwEfSW_ouyK__inIQBve7LoMAcTmgHsINInE3-0jrh2JVntTdVjypN6lRdUdRL0UQjEXwxJVfJd0oIHU7TJZNzL1fo40dXPGhJGi7aZIHE1sBf7U8FMy-atLGQhNiiiIwJjKwlvVIjeklTYPJfzhy-YoS7fTxCeJ6YU5vNAf6vRULwjc480CqH9o83Aemf_0Ob1ZNxgkasBkK5IU1rEDU_UGna7NTs_Juei7gpWVwp7eL8ee1otmWeS42L73Kof0BnfB7zEOxvxekfnvlRnccL07Z_e4BfvoFaMMuEUH9JAjYtXRLmI1Ejq6g8BkIml3KzH-O2zIWEMYxeMgNkaYl6KNx2V8V8Am5fem3yaDuhN5jldVyaOKw7r-vFvyqd0YRYzAxEXKWVettPBUhu77FvTMppGpUhoqHOoDR5vZW22VmcJOz8gEL1_9ax7Q5keu2E4AZlmRbBYQh0FLDm_6Pg7hICryJc8eoUXlUcX1PU792lntix3WdYT9_XH5OSVSQRGY7NBFFrQRZh-MBWC-1zK1Aoi8SM7a5L37HrnX6QMlSSBSNqehC85mtZMyvkrWU2hFwxX46EgTb38zMk3hR9O3pFY0M4G-ZAXHaQKZig6ZX--4I9v2ERh75rvP1K3XipR16acnvgdS7GU0C3rSsypKsS_KrqRJzj2PHs1K57ILNIe6GsxJ3bEKSnpPP7xXVrYS2U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:38:46 GMT
expires
Wed, 29 Mar 2023 04:38:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2711136303;ord=cp414q;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D7c6fa279-7e79-4460-9661-58436b314bf3%26ag%3Da...
ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/ Frame BF11 		65 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2711136303;ord=cp414q;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D7c6fa279-7e79-4460-9661-58436b314bf3%26ag%3Da99jcch%26sfe%3D147a0d58%26sig%3D1ZjdPJTmG8shuAvtwjPIGSw0syMeDTYE-Hu9a85YQNU.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%26pcm%3D1%26ict%3DUnknown%26said%3D00058a7c521b74f2aecb1ebb65eedd1cf59f6a8e%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=117;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
f39fdb2fac6dbedc00c217fd646b40803e789faa4c42130b9870ce6c8802114d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27061
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C924 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddcc88ba55f3d661ea4985d80d7cf93e64e35aba587d7f41b9fbbb82340d9f7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
ca
choices.trustarc.com/ Frame B8A9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19527
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
L5DkLi3TnQEsJVrifWEtHAycO-dmKdxQYW3cGWFQsM17LJNeuEnCpg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame B8A9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16855
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
y-tEYph1lT4LFtep2nRdoF5srplOVXYRpX0vC1SN0M-ff1omgbPENg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame B8A9 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=ea3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
PQAqomDXVIAaU5SMKs-WNh8X6UUBTWY-9MnpLQxDR55rPZtGjK2gzw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 708D 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame 708D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;dc_eid=40004000;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2328675810;ord=lch0hf;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbcac57ba-256f-4730-a561-96e6799f99b0%26ag%3Da99jcch%26sfe%3D147a0d58%26sig%3DEB3mJznZF3wZgugQXJOmx7zWH-QFvy404fen7ChTDrI.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_right1_300x250%2F%2F320x100%2F%2F320x50%26pcm%3D1%26ict%3DUnknown%26said%3D73f0b397717b7c40b7ef610d24fbb7a863c2ac86%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 708D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
ca
choices.trustarc.com/ Frame 72E8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19527
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
mscYyMxg2JVoTHvDmcMOELHhK30USFyU0346T_VzRaoFdzKitCr-GA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 72E8 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16855
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wXwCFgaNyYqlblSqmMBbxI2TtSp5l0XDj7XOsYTauVopZGTVJ51V_g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 72E8 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=bd4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
UGO5LAL55fczxV034PisCgxv8Q5fN_j0qrDY_zg9QnGnZqrmgDTasw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/adfscript/ Frame 6BC4 		740 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53795663;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp2a9n1c04rkg4uy%3Ftprde%3D
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68229800019956404380390011913002&a=20d2ee0d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e0f0e7fcd7d036c0673352fa175fa17ec4cb8582fab0b490ab81887f02afbe09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
542
expires
-1
usync.html
eus.rubiconproject.com/ Frame 0018 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:49 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ADF9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81905
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 708D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6056da865e712186f2e3fed4c7a56f44af79f9f8054bae79f9fa2ada330e454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
viewability
hal90002.redintelligence.net/ Frame 6BC4 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=68229800019956404380390011913002&a=c55974e7&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=68229800019956404380390011913002&a=20d2ee0d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=68229800019956404380390011913002&a=20d2ee0d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Mar 2023 04:38:49 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Mar 2023 04:38:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1B0C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 Mar 2023 04:38:49 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 1B0C 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Fri, 24 Mar 2023 04:38:49 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 1B0C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=lQ6TuX7yhZ3SxTMvEAd9vGFmcfAnL8nURjA6PNWolUKkMWZdEbvoeDGqp5FSkFnAddW-m7ISzEG26Mt0kis17f_LJyABhEclqAiiVLpOzu-Fe7YDwP_fu-6Sf3FqJ0-t_YzRCcXlUP9UwoLrnQdX6Ex5kOTZFuOmKLinm0alZ7vq85PeDWRv4K2qig8xyvoAoQm5RStujlh7VkKIoh5nNav9_JxieZeegptz4hdoVq3nJHe-uFTgveldLLXWjAbxkhDyyoskb8xRhexbtTXKKczSP116C2T-rRPB8NvG3C8sypGzWeWXQfDIIRQRnVa4u3m0NisgxYnViGfBvd2FiHmkc0t-hHS-ExRJkitt8jvnB1jLhEnuF83bc7HGU5tUIIkGBLAj2gpcilQQSM9a1LMLG3Km9lMAKn4mMLpXZO6_3QH3P9M7GHB0hSidExCuBA5ytQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3323587
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
6aef920c427d406cb51ce925168a15fa_image_ad_728x90.gif
static.criteo.net/design/dt/90764/211109/ Frame 1B0C 		339 KB
339 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/211109/6aef920c427d406cb51ce925168a15fa_image_ad_728x90.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c9f9937a2798feb904cb24d69529e2e92570e92cfc9098a07605350c860fd376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
last-modified
Tue, 09 Nov 2021 08:25:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"618a3097-54b00"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
346880
expires
Fri, 24 Mar 2023 04:38:49 GMT
dds
rtb.openx.net/sync/ Frame 90C5 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGgLaGK1mpMUWl4LO43sZ3M&google_cver=1&google_push=AYg5qPLug0w7nly7f7qFpaBuP7qk4jSn2TwgfqH_LTXzMT5q2SavJFQ40z-bYIxxH70sugcPg9Hg7xMEIk_3aoTgl0xMGJYQl-U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
cobjtjpiq174u2s2oo8ln46nk3bhh6or
pixel
cm.g.doubleclick.net/ Frame 90C5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDHMNqQnTicWDKJpQTt4iJkI1c0_cWKiEYRmwPtD-28PHxjnhFwSb2hRGBjlbXk4rgvsQ1ezwbNt62H7KL0hd6qFJ_OXY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDHMNqQnTicWDKJpQTt4iJkI1c0_cWKiEYRmwPtD-28PHxjnhFwSb2hRGBjlbXk4rgvsQ1ezwbNt62H7KL0hd6qFJ_OXY
date
Tue, 29 Mar 2022 04:38:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 90C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECs22FyPhP3quApjc9lm8uQ&google_cver=1&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLval...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLvalHR6xtsvNvtg9bU4PVhBNCRrM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLvalHR6xtsvNvtg9bU4PVhBNCRrM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPIQwBcgTdRUZS9vgHUERYE-7Id-D2wm2fqPkUQYBQu4bACsXiYUfs_Yf5o6PxlI4IzLvalHR6xtsvNvtg9bU4PVhBNCRrM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 90C5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6P...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 90C5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIbH7glYobqvu8wE0LZ_BCGi3tVuT0HQFl8QSuf1jkeVcRE6DU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9994647129360327&output=html&h=90&slotname=3181947012&adk=3850223879&adf=776186319&pi=t.ma~as.3181947012&w=728&psa=0&format=728x90&url=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648528728358&bpp=3&bdt=256&idt=247&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&cookie=ID%3D6b4267633041b275%3AT%3D1648528726%3AS%3DALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A&correlator=8764973342713&frm=23&ife=4&pv=1&ga_vid=987807505.1648528726&ga_sid=1648528729&ga_hid=1814928630&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=974&biw=1600&bih=1200&isw=728&ish=90&ifk=4191574115&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31063247&oid=2&pvsid=4502625534196468&pem=105&tmod=90468471&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vrr8hiwgygb1&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
get
choices.trustarc.com/ Frame 5A0D 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
R2pIHtdzXMFjRIT5nKIgQjzPbi9z9dQU7MAYHoJ9NP92-Kdh1Gib6A==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame 5A0D 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350148
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
fxBgNRbJ-4cQd0YUItqND1XXMpgeNZ1MFBatjLmQ9CYkcETpuh_xrw==
expires
Tue, 12 Apr 2022 13:36:20 GMT
img
sync.mathtag.com/misc/ Frame F393 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x7 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E5DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CExOuWI1CYpW8JYfO3gOFmYu4CO6StZNcv6KFx-QFwI23ARABIABglaKggrAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBN8CT9DiMmRYCDdpf4nCS-eQsBgddchde9H3_ZOKTD06MvhkVObkklYP4Yrlso12AYYuBPq6-TRPBkbBYpzUkpgh96_ggnH6Vzh56i3o-Cbqj7JEwkrKLivZx36sNw0kAmiD3wGWPG-gPJoaZXVQPVC32yxgpweBkyfvblfGaU4iQef_s2brpFRI2QhBSihqMWlf4LW0CyeepCPO8rnGfZneGnms3gXVYsIOjdaAYO2vzIqX9M3lOZp1JxG5ovI3KXITIy5NHcaBKTsJfBDuIi_eAH38rxWP_q03MnipB7ExSFsDJwCQGFwmRzx9BNXx8XAyZ2IqhP6kqSlD_sgX3D0dvZIVWcrzUne4TvrbY09conXmxiIJoi_x2oK3mpiSew57-1hpRaT7Q6RiuV9Ripij_cNrYyj0_DABR5zf9EfTja88lKn1xaYNG5--v2a6kkBzmuEKJLJDqw7FwtT_Z6Xf4AQBgAagmNWlsaDBtv4BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTI4MDkyMDc3MzQ5MDYzNjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=LcpVYl_9sHQ&uach_m=[UACH]&cid=CAQSOwCNIrLMIb-bCYkGSnALXA98-cAnYbTjQl81iGO1OHXYZF2v-KejJHnt-T8D3gbdyDrQMlxtDZVESGg4GAE
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame E5DE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
/
Resource Hash
ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:30:33 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
age
501
etag
"3eff43f0535e7950884c4686f367157ca994cd68"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
content-encoding
gzip
content-length
2011
x-amz-cf-id
p8T0ZPesUgvv--1YZ0YT6z2MEaFE6HJnqblniLxA6OuarZF7muMoPA==
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame E5DE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:34:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5DE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame E5DE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:47:11 GMT
l
www.google.com/ads/measurement/ Frame E5DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX0c63Rcm8Rcq7ram7pRf_EeObXKJLtxvu692n3itILfxuYICjX9k0hDr7sPdaSXxrOT3e94BdrakQ7aoCaAavaKns-Q
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E5DE 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 06:52:21 GMT
notify
tlx.3lift.com/s2s/ Frame E5DE 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=YkKNWAAJXhUKd6cHAALMhSf2oPJTfSL79Yumcw&ts=1648528728&aid=6164977371329291112120&ec=2409_15064_70_53694719&n=GgDyAtEBCAASFjYxNjQ5NzczNzEzMjkyOTExMTIxMjAYACABKOkSMNh1QAFIAFAAYApoAHCzxhWQAQCYAQCoAQCwATe4AQnAAS%2FIATfgARPwAQD4ATeAAi%2BIAhORAgAAAAAAAPA%2FmQKkcD0K16PAP6ECAAAAAAAA8D%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BALwJIADrAKIA%2FoBkAMAmAMAoAMAuAPXhhPAAwDIAwDSAws3MF81MzY5NDcxOeAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwAzf4AgWIAwCSAwRkM2QzmAMAoAPRtgKoAwA%3D
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame E5DE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=6164977371329291112120
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame BF11 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 19:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 19:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame BF11 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1549806.422087GROUPMCOMPETENCEC/B26791739.320447811;dc_ver=85.248;sz=300x250;u_sd=1;kw=a99jcch;dc_adk=2711136303;ord=cp414q;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D7c6fa279-7e79-4460-9661-58436b314bf3%26ag%3Da99jcch%26sfe%3D147a0d58%26sig%3D1ZjdPJTmG8shuAvtwjPIGSw0syMeDTYE-Hu9a85YQNU.%26crid%3D1e7nlzp2%26cf%3D3176281%26fq%3D0%26t%3D1%26td_s%3Dmustsharenews.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D54%26agsa%3D%26wp%3DD73D2D86FA739BE8%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D21468%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55GgA4AVAHgAEAiAEBkAEB%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkgKIWNoYXJnZS1hbGxNb2F0Vmlld2FiaWxpdHlUcmFja2luZyIjCKX__________wESDm1vYXQtcmVwb3J0aW5nKgYIoI0GGAw.%26durs%3DdwsLA4%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F21622890900%2FSG_mustsharenews.com_res_article_mid2_300x250%2F%2F336x280%26pcm%3D1%26ict%3DUnknown%26said%3D00058a7c521b74f2aecb1ebb65eedd1cf59f6a8e%26auct%3D1%26cxlvs%3D0%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=1,https%3A%2F%2Fmustsharenews.com%2F$0;xdt=1;crlt='P.V(BazcD;sttr=117;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 04:23:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BF11 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
usync.js
eus.rubiconproject.com/ Frame 0018 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14265
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 708D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
expires
Wed, 29 Mar 2023 04:38:49 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 708D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI3aErAZhMBFlgUBKcMGnmKEgaYacSjPffoI0FBGIZ-VruW7cHz0aGplNSsZSSPKg2t7uaOPsjlQIj7Ovjdz1uvp_b4lhGSruVGlK8rABUL0qU3KKN-FyFAMC7J5A73MFXSRuUSd9JNBaCmP2PBKAalmU&sig=Cg0ArKJSzK9sklas81d3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=139&cisv=r20220324.52878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
all
csm.eu.criteo.net/ Frame 1B0C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nZQUw6qwitWduzSmVnNtNHD69kLk1c2-l0Pi1ur5vJ3E87xrUxKKpsiJVb0dvY_eynMotd4Z1_K2KtNeVjAS49BJIEorepNWML5KVvSS0AAD0R4GwC73mU2cvC_5Suv5HahAcvoAe112IZQzz0CYg_1P_pWAj8HsHChmwGV1CL3wafWm_zr0-7sQ9Vv_i_hd6fJZC_kploTz4b71mczSyBjwcFDx8JfStpdPsNXmMYZRVdBimL6QS5OQBSmR3fv6fs7WBZHe71Su0MBb&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:38:48 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Mar 2023 04:38:49 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1B0C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Mar 2023 04:38:49 GMT
usync.html
eus.rubiconproject.com/ Frame 43A4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:49 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EE1A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81905
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 6BC4 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53795663;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp2a9n1c04rkg4uy%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:01:10 GMT
truncated
/ Frame BF11 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2da5d05d435b77b219df533e65470640a14a029923fca081f970e8f84bab77f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 87D3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bundle.js
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame E5DE 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 15:56:45 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 15:56:23 GMT
server
AmazonS3
age
1600925
etag
"72ce81d7d81987b2256ad6fa329008bc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
82367
x-amz-cf-id
ZbQaL-AF2AmEzI-DWwZ61dAcB8NebkLRYzpVkhD6iSTi2L7aceHhkg==
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMq_f0MvSnjIQL2ZaiXu1ts&google_cver=1&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEuglUK95OJUjHCY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEug...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEuglUK95OJUjHCY
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D4CCE8DE2E3495EB286D967A4F31EE0&google_push=AYg5qPIG9zGU02Lx-3MjnEmAaed5BZj5BdJVmhFrTDjOINSbyaIDDwmkQrP2p1WAxeTP5kKv6Kr1Bq7TO_zqEuglUK95OJUjHCY
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 28 Mar 2022 04:38:49 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame ADF9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBjwPmNPWldo-cU2NyRVFvI&google_cver=1&google_push=AYg5qPK6Z-DMlN3ebGuSMiGvUXj7-TbO8Yp9NC8rDoEpss9iX7W9K6VLr8WIn8anfjIok3LRxAaQIPObgUpCDmbRropJdKFfW7RI
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
dot.gif
s0.2mdn.net/ Frame ADF9 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEKNMP85J6OitKT4sD5ErtQ0&google_cver=1&google_push=AYg5qPJvti4fcp0HkLYHn-YqLLeZL4RpTOlXMr14wYozO2SwtAz-8Y7gshNzRQPaUcl2owClp0wkstW8ZnbYgceNM6gF6suSy62N
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Mar 2022 04:38:49 GMT
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENe2u0h-Rs7QGKCMEMjwCJg&google_cver=1&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4DzVP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4Dz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4DzVPxCZPxCsTuXoO4IzxFMww
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk3MTExMDAzNzQ2NTA5MzU2MA&google_push=AYg5qPIO6jw5Nuz8EvPKnc0NWLt1srr3tStW3QlPx0oJB011akRUcThwy9njppc4-NPIGFf6J_d4DzVPxCZPxCsTuXoO4IzxFMww
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI58zWAmzzpTyAanvYgBD0s2OKmZqpmvxuL8Xe8lrSmU4mqVvTk2vLZ-EvBohy58iKLCWWvVTySiunkvmHkDSACSVO4ueGr
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI58zWAmzzpTyAanvYgBD0s2OKmZqpmvxuL8Xe8lrSmU4mqVvTk2vLZ-EvBohy58iKLCWWvVTySiunkvmHkDSACSVO4ueGr
date
Tue, 29 Mar 2022 04:38:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECt01CNC8Q9pxVMyyqTmE5M&google_cver=1&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAqg8FEZ01Hpn1TQt3okd3CZgJOa
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAqg8FEZ01Hpn1TQt3okd3CZgJOa
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPK7bo1IH0Sd6xEVtGZ5UUjJPFK6WY8WuMnpf_YodS434ts2otW23TYwcyt0c2BJRcClwAqg8FEZ01Hpn1TQt3okd3CZgJOa
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame ADF9
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEnZKnM0xJGQXKSXmKN4Hu8&google_cver=1&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEnZKnM0xJGQXKSXmKN4Hu8&google_cver=1&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XP...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame ADF9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9E0dDMF2g0hBCSEoLnWNfYwQBiYLlY8NpMD1lsJB1eefcVAh23yUXwVxdZb6GVRjlQD_t
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
get
choices.trustarc.com/ Frame B8A9 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
BmvboJoPKzvTMR_WqM2EeJyJO_TKGNWg_F0QjA58hdArfXMh3Tms2g==
expires
Mon, 18 Apr 2022 06:28:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5D14 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
81905
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		55 B
115 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		731 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		24 B
84 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		281 B
199 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		26 B
86 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		157 B
156 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467791
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		400 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491446
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515112
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 53D2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492389
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		1 KB
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515044
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
usync.js
eus.rubiconproject.com/ Frame 43A4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPWmYVwPWmYVw__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFAAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14265
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
ca
choices.trustarc.com/ Frame 5DDF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19527
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
vk_E1IIFkLb-fBkxVYkmM7ZhN2BM55asjoOYo8Q37S1HBbgF_O104A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 5DDF 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16855
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
91EfWjJfC6t3TtA6G2ibY1jF_SXfo-3xp9PgLEbzwxJEU7UC__uYKQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 5DDF 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=e8be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
lu8nW6AzqdN6BpBnoixqXgapnxsGsenqHBX4XPzNI5l4DgeNkm0JwQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E0CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPBwfAJjlF257ABn_GkpKwM9g6CLhq6q_5Rz6d89573RoCGVSr9pwTosA02yS20SbxJdqFkM4H9eUL7vZux74wQWvkV-QvOkftz5Fpqw_4GL_TWUT7QeLX3QseQ4hTg4IjfoIcxT_7-xKloiQKC6RgRKtot5hTp_DOgxGIUETPFri0QHJ5xjwpvnxv1Bn4JjNCAAfKkxDwQ9kJa1xrcxYdK6-djGDvAuY-frSrGpAkNjz0uaOii52oPVXAr7U3F9rR6KjF8k1qfqTr-IpJVGnQ2uP8ZY6dRuzDafahA8FnjTbggoZKM9nQJsmRhhPY52TntpVX_1eY3UTrehTKz8zdOS5FSxz8IcoCwI8Y13IgcmHNE6EbzcQVjPXx4Dn8QYLVzpsxEepd&sig=Cg0ArKJSzJ3cPrRZ97J3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Mar 2022 04:38:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E0CB 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220324&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f189ae9b842cd0818802f9d7b6f5ab37ffae60ad41385bb03e6c5b459a3c0b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10547
x-xss-protection
0
get
choices.trustarc.com/ Frame 72E8 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
aXqfDcFwHxDl49zxRePHw8NHEZRjqUBddRFQvRlxYN8G-Rdvfe_YWw==
expires
Mon, 18 Apr 2022 06:28:20 GMT
index.html
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		65 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
expires
Wed, 29 Mar 2023 04:38:49 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame BF11 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyXfBhHpPzHAArdW6samWuXRy0cj-vqHTrUF0rlxmJMLBTwtajKiZGITHI_Iqoj1c5I8TqRNBZTwwtB_2yrVHV3QfYHBk1vHz491vTSKPEZ4LUa6qEshSYh1Y1jd0A6vj2Owmke3gz4QK5TcfpTAbnnWs&sig=Cg0ArKJSzMIa-vr2JWltEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=149&cisv=r20220324.90069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame E5DE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29d34a847c6d47d4f6f0b8f6df62a41cbad3f3d0c24d67830b7ae49df34dd5bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D1F6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
68862
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame BB5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9MYKv0Ex3Lz5yaoNGbQEEalPT4-UGN_NO2qLoKUvz0cVTWm3j_oLBQPXOt4ao9qWPgPmxd1eoUfLn9wsEhwfbJo8Ejy6U0U948JKAHJvd9ZyKP84TD7CNqcFcKQqBVK2ZjHy003YunEjvMbZBX03AlamJuEh0EHe-KzpzspUyisXcUJ-Y0bn_vB1Enp9qb5CP6vWNij1gVDGNTTWNxtk3dTQvKsItYuvU_dXZbU9t-5V9Ihsk0uHaAA8V3gmr5JdHUl5Gk0SVvdjqjN5EMhtMPs-v9W8bEiOxEhpZWFPW_EObsH-p8XPvVgygPB4NxRGeW1d8A95WHE4w3cafUENGJCb7TqzJY3sGrmtjKnfpCXo&sig=Cg0ArKJSzHgwMQ1dZ-roEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
uct.js
anymind360.com/js/prebid_creative/ Frame BB5E 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/prebid_creative/uct.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
age
8130
x-guploader-uploadid
ADPycdvY4zGNGS_RxbkaO61OZkbJmigTdLH1tSe7xSccrdSoG-FZmoAXED6OQtSSK3GkMaK3bCZ3NjKMAzWUqJxifQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
8280
x-served-by
cache-tyo11925-TYO, cache-mxp6952-MXP
access-control-allow-origin
*
expires
Wed, 16 Mar 2022 02:23:15 GMT
last-modified
Fri, 10 Dec 2021 08:36:59 GMT
server
UploadServer
x-timer
S1648528729.425965,VS0,VE0
etag
"32935b1d2878254c40c430821f9ad672"
vary
Accept-Encoding
x-goog-hash
crc32c=MQ+Z5Q==, md5=MpNbHSh4JUxAxDCCH5rWcg==
content-language
en
via
1.1 varnish, 1.1 varnish
x-goog-generation
1639125419758288
access-control-expose-headers
Content-Type
cache-control
max-age=86400
x-goog-stored-content-length
8280
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
383, 6
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB5E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E0CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9994647129360327&plah=mustsharenews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EE1A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFJTUCeqdt3QHXE2xUllX3U&google_cver=1&google_push=AYg5qPIwJe7Oco8BkQjbxHSkdNJlibLnseD0iYyl8XeJv3TdTY8EjAGidGdUtSDtwkGy3PrS6Pi7xxGdpZclNfEJ8VWNrxqCsTY
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAXbTmM6QxsrKo3SzRxOR_4&google_cver=1&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMya...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BQ1iQo1XSQCzgDYtboEgrg&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMyaxOQT0_cv7Sk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BQ1iQo1XSQCzgDYtboEgrg&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMyaxOQT0_cv7Sk
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BQ1iQo1XSQCzgDYtboEgrg&google_push=AYg5qPIA3Glmi4KOblTLyEmcfp4TFrtA5EsX_KbYhnu4QWJd8xqVKTz-IarzD6_0PMaFGp__Oflz5LRCkUyuyMyaxOQT0_cv7Sk
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Mar 2022 04:38:48 GMT
i.match
a.tribalfusion.com/ Frame EE1A 		43 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEKniil1z8HbmWXbfYhtDHKE&google_cver=1&google_push=AYg5qPJEjRnFDdenDAYbNd3p8rC5-NH0O47WzDV04dXC-boHa-2rBiqfy32fiT39Bfx42NCt-_JNA6vdCyxHkn85qWTRK7a6G3k&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJEjRnFDdenDAYbNd3p8rC5-NH0O47WzDV04dXC-boHa-2rBiqfy32fiT39Bfx42NCt-_JNA6vdCyxHkn85qWTRK7a6G3k%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f35eb0f1d8601f8-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE1A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWtLTlZ3QVFpdEg3bXdBeQ==&google_gid=CAESENjh_8YKbB8_U-wjMsqbezE&google_cver=1&google_push=AYg5qPKhGoMnU-6YjyI0HC7_S68JruOdSA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWtLTlZ3QVFpdEg3bXdBeQ==&google_gid=CAESENjh_8YKbB8_U-wjMsqbezE&google_cver=1&google_push=AYg5qPKhGoMnU-6YjyI0HC7_S68JruOdSAm_v5Updm5xamla38B4qLD5Fusbqnfq4pZbLisxrynQK_Afp7C75D3VpEnzqHc_dnU
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1648528729.443604,VS0,VE0
x-served-by
cache-hhn4047-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWtLTlZ3QVFpdEg3bXdBeQ==&google_gid=CAESENjh_8YKbB8_U-wjMsqbezE&google_cver=1&google_push=AYg5qPKhGoMnU-6YjyI0HC7_S68JruOdSAm_v5Updm5xamla38B4qLD5Fusbqnfq4pZbLisxrynQK_Afp7C75D3VpEnzqHc_dnU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame EE1A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEMkvwQUoBSStnS5tAxFJYF4&google_cver=1&google_push=AYg5qPJVXc-g0PIGF1ZaUNVVoXOu65af56_xDhImDz-rbWv7xDWnrTh0MEb6v4cw6a6bMyvudf5QdIw4SVdYGXmwfcfItrte8g
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:48 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame EE1A
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEDMYe-YFXUoZNtOSZZnjFYE&google_cver=1&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbs...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMGJhNjY5Ni1hZjFhLTExZWMtOTAwYy0wNmIwOTdmYzM5Yzg%3D&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMGJhNjY5Ni1hZjFhLTExZWMtOTAwYy0wNmIwOTdmYzM5Yzg%3D&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyMGJhNjY5Ni1hZjFhLTExZWMtOTAwYy0wNmIwOTdmYzM5Yzg%3D&google_push=AYg5qPJ3ps5MOlKDj9aMQms4Gt5M4-VeXLgVKenpaT_RwWbeHsUtbsp1MfTHzvRyAXQfUDHNm_INILqhlEt-ZjA4bove-U9zvXq0
date
Tue, 29 Mar 2022 04:38:49 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/sync/i,19/ Frame EE1A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOIUyoUe0XnHcOdjx4Dl4rc&google_cver=1&google_push=AYg5qPLkoQHVMxqJRXRsIBJKo23BGOaPdQXu0R1T2Wgn-hE7Z2YqcSVc_MsZwkflRQlH19fcTw4fnpMTAox...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLkoQHVMxqJRXRsIBJKo23BGOaPdQXu0R1T2Wgn-hE7Z2YqcSVc_MsZwkflRQlH19fcTw4fnpMTAoxGXQu2U4_wjWRyiLg
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EE1A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K38Y0MUSJuZZ2ok3vOeXQMSE06Y8J4favUzQIkIMe33D9V4SEwwj2KZbhV0siOJBtkw4nM0Ro
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
r
eb2.3lift.com/ Frame E5DE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=6164977371329291112120&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.055&bmid=2409&biid=4720&sid=15064&brid=353075&adid=70_53694719&crid=-1&ts=1648528728&bcud=55&ss=5&caid=0&unid=0&domain=31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com&ref=https%253A%252F%252Fmustsharenews.com%252F&rr=creative&fid=10&rb=0&g=0&cb=31575
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame E5DE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 22:25:34 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
454396
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
FgxgxLhygjrzaQh1AIPDbuKeazOUGJ1SqT768AkKEdO0RLIQSjbTYA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame E5DE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 05:05:39 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
343991
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
gRJLFyq3LO2PdfwWN1cp3SlgJ_0NGTpbbGQ1rTsfh3i93m5bu8EOiA==
truncated
/ Frame 736A 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
ctar
eb2.3lift.com/ Frame E5DE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=6164977371329291112120&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=49812
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 2A93
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.055/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R53694719_Qrtbwp_R_I_WAUCTION__PRICE_X-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0_Qrtbdata_RB85mBBZpKzPK7vygOIk9e...
  • https://track.adform.net/adfscript/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Iv...
1014 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke_M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2;OOBClickTrack=
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e19c02593bec327bbce793af8496d34733c2dd0dea00f55451094b56b509f142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
862
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke_M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2;OOBClickTrack=
Date
Tue, 29 Mar 2022 04:38:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
aop
eb2.3lift.com/ Frame E5DE 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=6164977371329291112120&rev=b5dbcaa&pr=can%27t%2520access%2520top%2520document&bc=0.055&bmid=2409&biid=4720&sid=15064&brid=353075&adid=70_53694719&crid=-1&ts=1648528728&bcud=55&ss=5&caid=0&unid=0&domain=31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com&ref=https%253A%252F%252Fmustsharenews.com%252F&rr=creative&fid=10&rb=0&g=0&cb=29537
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
get
choices.trustarc.com/ Frame B69C 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
NXMlXa1OQWB-tQijMjxk0U3p3EOynJU2JIYDEugveKEOkNUmhYuG0A==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame B69C 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350148
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
lNMB8TM8vT0cI1vNYqoZ_I1Cxaj-k_xOHLrP66GE6l9rfqKB97mb7A==
expires
Tue, 12 Apr 2022 13:36:20 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		55 B
115 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:56:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		731 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 12:05:28 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		24 B
84 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:01:48 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		281 B
199 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 06:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 06:11:34 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		26 B
86 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:45 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		157 B
156 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 18:42:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467791
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:42:18 GMT
googbase_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		400 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:23:27 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 12:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491446
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 12:08:03 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515112
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:33:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:42:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 0016 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 08:58:54 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357226
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 01:25:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 11:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492389
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 11:52:20 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		1 KB
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 19:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Mar 2023 19:52:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:24:02 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 05:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515044
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 05:34:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 07:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 07:14:26 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 13:10:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:52:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
578752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 11:52:57 GMT
get
choices.trustarc.com/ Frame EAA8 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
PjDeoTmfkfjoP4CZb6DSMTxybVP03qfEUCktUQ7mFhl8NvF5PxnoWg==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame EAA8 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350148
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
VrwkZhJZunGcbW1F1FHyTXQrljyaS0ZBNTtgZ31OopYGSO4O06hMjA==
expires
Tue, 12 Apr 2022 13:36:20 GMT
/
track.adform.net/adfserve/ Frame 6BC4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53795663;click=https%3A%2F%2Fhal90002.redintelligence.net%2Fc%2Fp2a9n1c04rkg4uy%3Ftprde%3D;js=1;adfxid=1x;9070;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fmustsharenews.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
487035222e45ddc9ede9ac4bd354db3263c24097e7e7796683fc1c5fd7efedfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1951
expires
-1
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame 87D3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5D14
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENWh_HDNK7mNaO4lauJDrOM&google_cver=1&google_push=AYg5qPKv4wdTvk2jqo-hEBtoL1-06CB5Gs4D0rVz1WckNSgWa8rZ-UcNiR711VISbNPULCG355ElUMVCGXNpKRJK8k-9bQ34-51k
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MjA2MDI4Njk4MzM5NzI0NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB782gDwq2m58ex6g12ZAW0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D14
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDHGNZX74Pt3dpwmMctyAEs&google_cver=1&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60WzJm2jqalJ1hh9cn6mdnrrfSoVLnxhspkihrQ7ExmA&google_hm=-6UqicMVkVDp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60WzJm2jqalJ1hh9cn6mdnrrfSoVLnxhspkihrQ7ExmA&google_hm=-6UqicMVkVDpwlMDUbfNYg
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLAxAZcypdjTyo_x_TasRDU_pRVmpC3C2yhmsLX4iplJRyAcZOE60WzJm2jqalJ1hh9cn6mdnrrfSoVLnxhspkihrQ7ExmA&google_hm=-6UqicMVkVDpwlMDUbfNYg
pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5D14 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDRYnID3q70q08zSnv9fyoY&google_cver=1&google_push=AYg5qPKsnk6aAZoxGM53Alb3AIcMkWneeWI26rbrEmGCtLzknB3oU5wWjNrgcv679-LfqNPG3Upf7PXhcfhmZuDPu1rHM32GY8g
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 5D14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENIosmG6GiA_NWwV5chxrt0&google_cver=1&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQp6XVoFwcw6SH8GUpU6-8QB7s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQp6XVoFwcw6SH8GUpU6-8QB7s
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTkZVMDctMVMtNkJSTA==&google_push=AYg5qPLtLqR76hZMAhzn39yKxcMqL_QeUEyfyZhZipgHpnMScn-27stgtlPlydTSy2nzeRzkQAQp6XVoFwcw6SH8GUpU6-8QB7s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5D14
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6D...
0
0
pixel
cm.g.doubleclick.net/ Frame 5D14
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECnH0nagbSbqmBKobn_J4eo&google_cver=1&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOPJjyXU24fszf&google_hm=8754594ed3efe6a5056aec7f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOPJjyXU24fszf&google_hm=8754594ed3efe6a5056aec7f
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLAwECKgtQlBT82rvkxh94XEOkurHuUtA-9ZcT7vIRqbtz13u6hRf5aJjLvvmO1WFCV_fXcDpAkoP8DhXoOPJjyXU24fszf&google_hm=8754594ed3efe6a5056aec7f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 5D14
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAqhLcoVdmiIKiGKSos2c8s&google_cver=1&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71FOu7NXQbzSGPj6h9jjs3aWoBUP4MWLnpc6ewfViEO94s
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71FOu7NXQbzSGPj6h9jjs3aWoBUP4MWLnpc6ewfViEO94s
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0MjM1ODEwNTgxNTAyMzc3NjU5OA%3D%3D&google_push=AYg5qPKrCXgG__A_HKyBk5QS94Ts2eYGh-2-iUSDsHIYujgcX9QI_71FOu7NXQbzSGPj6h9jjs3aWoBUP4MWLnpc6ewfViEO94s
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 5D14 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I626AgfhqnlA4KppvgS5RhCT2G5ZpAwYU54MONafnyFzGZWLK6gekLM7rmdnEqcI0hRRmK
Requested by
Host: 31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
URL: https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ttj
ib.3lift.com/ Frame BB5E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=SG_mustsharenews_res_article_mid1_autoads
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
/
Resource Hash
6b6200283c26910adba5aa53c3e1dc4f6ca0baa54b522c636e9bcf608fb77284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:47 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
age
619
etag
"c35cde1f0b828980a8743052c8526b81b448cf1c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
content-encoding
gzip
content-length
2025
x-amz-cf-id
nFjSFT1rA4qoRWSo-GUgR7smgQ_YcAuS9kr5CE-MoOICsT0_Nf-_Aw==
notify
tlx.3lift.com/header/ Frame BB5E 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.151&ts=1648528726&aid=4948238301475243652220&ec=3690_62334_10406292&n=GgDyAtUBCAASFjQ5NDgyMzgzMDE0NzUyNDM2NTIyMjAYACABKOocMP7mA0ABSABQAGAKaABwo4ADkAEAmAEAqAEAsAHGAbgBBcABlwHIAcYB4AEP8AEA%2BAHGAYAClwGIAg%2BRAgAAAAAAAPA%2FmQK4HoXrUbjOP6ECAAAAAAAA8D%2BoAgCwAgHIAgTYAgDxAmZmZmZmZuY%2F%2BALhOIAD0AKIA5gCkAMAmAMAoAMAuAOx%2FRLAAwDIAwDSAwgxMDQwNjI5MuAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwA8YB%2BAIMiAMAkgMEMzk5NZgDAKAD1dMHqAMA
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame BB5E 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=4948238301475243652220
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 53D2 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 086A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 21:47:23 GMT
expires
Tue, 28 Mar 2023 21:47:23 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
24686
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3DA6 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2596babe09691d05a9a4ddf8fa424a1b47966d920aafbcfe1f762784c219528e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ReAmXEIPoSOmKBQ/Y+xiRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 29 Mar 2022 04:38:49 GMT
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ReAmXEIPoSOmKBQ/Y+xiRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get
choices.trustarc.com/ Frame 5DDF 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
zdPoBg_KNXtyoKRalKGfZPbiodYG8Oip7Pz1kTPDJGO43eMTBEYEeA==
expires
Mon, 18 Apr 2022 06:28:20 GMT
bundle.js
ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/ Frame BB5E 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=SG_mustsharenews_res_article_mid1_autoads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 15:56:45 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 15:56:23 GMT
server
AmazonS3
age
1600925
etag
"72ce81d7d81987b2256ad6fa329008bc"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
82367
x-amz-cf-id
cNFh_MPySnN7_z6RnzZRBjOERtHsu2pxZB5ts11N8LSaR82bAW2H7w==
truncated
/ Frame BB5E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f659d4f475b2146d4bcf985a957276a490c80ae36e3a1c6fc12a914fe38db3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 708D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI3aErAZhMBFlgUBKcMGnmKEgaYacSjPffoI0FBGIZ-VruW7cHz0aGplNSsZSSPKg2t7uaOPsjlQIj7Ovjdz1uvp_b4lhGSruVGlK8rABUL0qU3KKN-FyFAMC7J5A73MFXSRuUSd9JNBaCmP2PBKAalmU&sig=Cg0ArKJSzK9sklas81d3EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=528&vt=11&dtpt=385&dett=3&cstd=139&cisv=r20220324.52878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
pagead2.googlesyndication.com/bg/ Frame D1F6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
55458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13603
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 13:14:31 GMT
truncated
/ Frame 6BC4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
National2-Medium.woff
s0.2mdn.net/creatives/assets/4372196/ Frame 0016 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4372196/National2-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:25:15 GMT
x-content-type-options
nosniff
age
814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:01:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:40:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 53D2 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e26b9ec3d39953c018a5696e13aa3c4f40db07104e140d24782b601cdd463d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5350
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3014 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdg6OjI4HscFiP39ZNVqnlvunJTnhSy4AfX-SbW6abPb3G9TWpIhcMRi-QD34VBVAQV6PfvxD5ELYnhsmnHWLp-ILpEIKUi_MSj8zlQqa7llFX9soJXrMPL3_GHisOhRFLJot1j45KFUTQiD09mEZXl0M4A2wSRtzEl2b3dkQTDA9r1S_mDcTKEyAjZ1iLXRqk4AaS2gzkCiw9r78ca1QQA3DUNM-1yqBkj0-Jjzb0jNgpLWP7QMIgck4qKaxkneD4iL1NF38ztVnlZ8TUDZlv1KNTdmZHYkmsUAgy670wW6M0N129Lbxy8L87SiVwcEQsVo5exrBGikgGVmxl_Yxawz1ZmCzDL36HUjL4YpyXPe_2Cdte7eWvSC0wsj4d&sig=Cg0ArKJSzDqgY0KFlge-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Mar 2022 04:38:49 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 6BC4 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:01:42 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 2A93 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.055/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R53694719_Qrtbwp_R_I_WAUCTION__PRICE_X-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0_Qrtbdata_RB85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke__M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/iNZNU0NX4FSslciXoOiaPKO-McqjWzly-GkIkfTpDRdTuFqZAa3Idc6tfGnQCK0EeYimSjMVPModm4q_kUIUxlyBkUoLdBeZuMTalfqmDRqkUZ0sMlN0H5WgNvkRGe5odsaGv9qfy03djVfGkQ0DZPrsvS_YS3HZilcNM1jCasrRihqL22lRE4W_6GkyDCwkJQ861qKPSaa8QFsyBkSbNeBG9g1SoAfGBHSaMe8Cqi5LxLdnLVsDL9JABZEiNo-od9Kql5cwYgDXTJN4IRYHd9ImCwng1P_-MZaoY_c8dj2iXObqzvdUFQRCzjioSBLunX1BIDXKj6091Ee17-1r5MG7bTr_19DTcIAIrNURAaWMvid2nIjKUBHEJTk-WV4LUSmG8_V9CfJNwpdOjMok5W--9GdoOAZZPS7Kns7jZZaUISn8ONM4F6ycvfG-TZyMmeaLrKxm4sxyjHV3i3xMgpneKcv8i3y65UdHQcJ02z18RSvyGbgtMgfcfRA848aMTRHqAc9nu26whtzWEgkFKCLlxC-28rN_jO2XJdpT8Hp9DlVS4bsSUmsh8WXF7eNd8yuSUt_gQ1-oH2pmmk2E5fZ3IUooZnvDs8fP2Guybd9V4cuXN6ciBnXsyD1rMk2iFiPBeGM6lVbX44upGcAFZ7XxaDvAtJXjwcZyTJXO-d1Ldf4CdCvqYmVxVjYRTEVRMQ3pR8b0MqTN59vHDvRd1uie1kFVeq1H5-qTbsn9h9Bjc6_AMv1XyC8AlJnXkDABw2E4Q8diFPchC-xaGkMEO_NGJZNPJvgbjCiMf1IRhBekxBg7PrJzu-SOonesfTrVAZKObGO-C2LV5-ED7b8y0CNWN-ZJW5-bebTF4XOqO3MfzckccyLs1kxgBqaEOJ1pD5ykIIp1DVbsoiPYVJH4nsC3RsMuuZ1UpKCw5atcXIJbDnCVDDKjUQ878WZgeiUMVAgafnpssfg2hzDrDm01ZKUm79Aw8HafW60MNNXwEmU5pyE/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:01:10 GMT
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 53D2 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 53D2 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b40eb0180e01e389b252c7ea71410958e9e6243d2b8537a5c87678c8f17ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=WmhGRHiYhe&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:09:35 GMT
x-content-type-options
nosniff
age
37754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38029
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 10:15:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 18:09:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 53D2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BF11 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyXfBhHpPzHAArdW6samWuXRy0cj-vqHTrUF0rlxmJMLBTwtajKiZGITHI_Iqoj1c5I8TqRNBZTwwtB_2yrVHV3QfYHBk1vHz491vTSKPEZ4LUa6qEshSYh1Y1jd0A6vj2Owmke3gz4QK5TcfpTAbnnWs&sig=Cg0ArKJSzMIa-vr2JWltEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=490&vt=11&dtpt=338&dett=3&cstd=149&cisv=r20220324.90069&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=SG_mustsharenews_res_article_mid1_autoads&aid=4948238301475243652220&rev=b5dbcaa&pr=un&bc=0.198&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10406292&crid=-1&ts=1648528726&bcud=198&ss=12&caid=0&unid=0&domain=mustsharenews.com&ref=https%253A%252F%252Fmustsharenews.com%252Fspf-arrest-scams%252F%253FisentiaPostId%253Dpost-1&rr=creative&fid=10&rb=0&g=0&cb=45195
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame BB5E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 22:25:34 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
454396
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
fHIM_iwDfaIM2pTQw4tnyDIjgi2e5Bj3UYCNYX8gjj0LXKJ0QVfmSA==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame BB5E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 05:05:39 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
343991
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3518
x-amz-cf-id
kDUUfRfRXYJwXStI-wQ7Yr7NL5o7A2YIqQUz-8qIzdbROAPjpCISwg==
truncated
/ Frame 8708 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=SG_mustsharenews_res_article_mid1_autoads&aid=4948238301475243652220&rev=b5dbcaa&cta_render_method=1&cta_render_text=&cb=45622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame 0E6F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NzYzNTE1OTg1MDA0MTU1OTUvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzM3JKeU05SDJ1aHdQUVlUM0VkSml5Yy8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTc2MzUxNTk4NTAwNDE1NTk1L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/9i4rnO8n-6rG-FgZvg4PSqKAdu8&nodeid=3012&group=cdg&auctionid=8576351598500415595&shardkey=8576351598500415595&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.159
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
fa9bc9f1fb1903f53ce6f4e8911eb5b5e684fb280667c9d5f778bb269f9e9d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1648528726
Last-Modified
Tue, 29 Mar 2022 04:38:46 GMT
Server
MMBD/3.305.0
x-mm-latency
1 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x83, cdg-bidder-x176
Connection
close
Expires
Tue, 29 Mar 2022 04:38:48 GMT
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=SG_mustsharenews_res_article_mid1_autoads&aid=4948238301475243652220&rev=b5dbcaa&pr=un&bc=0.198&bmid=3690&biid=7265&sid=62334&brid=49187&adid=10406292&crid=-1&ts=1648528726&bcud=198&ss=12&caid=0&unid=0&domain=mustsharenews.com&ref=https%253A%252F%252Fmustsharenews.com%252Fspf-arrest-scams%252F%253FisentiaPostId%253Dpost-1&rr=creative&fid=10&rb=0&g=0&cb=67891
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame EE18 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=28850
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
f4831b445e7c4ec9281c513dba7e882e402baed0a75374e94370c6f5757f2e44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-type
text/html; charset=utf-8
content-length
518
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
get
choices.trustarc.com/ Frame 8C0B 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857428
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
fZtZHH-uYw9xMkiuEH-ft9COUZZVJiJI-fbfNfCkFXl2R7mjzcTB2A==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame 8C0B 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350148
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
z6rp0Hjo5AT0e8rpu6NqP8kzpo9OZasligSCLDC3RtxdMAvk_Reqlg==
expires
Tue, 12 Apr 2022 13:36:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0016 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0d05b0d0b3a46304d710a7457a57a93b6b48aa78163797650508b9090ed76cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5516
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3DA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220324&jk=4502625534196468&rc=05ACxne1NYFRKOLmQTyLbFvO0XUD8Dt33nxRWCTXCscPmy6bDsiAZI9TdEiOIJXT3ZnsVQk7lZHFoG_gramxiQMNvimey-Pl-QLjhEBbmmtwHpSjtGlnkg39yDnCTJn6XcPuOUrKS1cLuvzQJ2DzmlSUrWAmR41UpfbFruGtrQv414GJsbFioCPbz0YNHiVdn0fo3IdlSdbxGTk5Gt_6x86Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
/
track.adform.net/adfserve/ Frame 2A93 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53694719;rtbwp=0.05885-PSyENo64ivpCaAsY1mE9cN0RJlwubEiS0;rtbdata=B85mBBZpKzPK7vygOIk9e-Ya1TCRnWL9M90fjHmLQogYdMxSUaDlgNzHfj-38QGB3vVXFYhyQ47FmjU75fHpKoTekk4Ivp3wv5YqwbLUke_M9ei7HxcOUy8lrCampsxciCdlPlHHhB1xOy8nt6nPEA0lsi6I1x8eG2UR6NZWJpiogNgpbRMFSYcUnFwH6YhHKsJ4Nsciu86RV-QcE45NG2w9prhkNx10M2DT20IMeWpB4SKZKGrNxw2;oobclicktrack=;js=1;adfxid=1x;1828;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fmustsharenews.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4f8da3c5853e586acc9373a8d674ca69a6438bc38afe8c5f6096905d923d9674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2152
expires
-1
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3352060286983397244&dongle=d407
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3352060286983397244&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3352060286983397244&dongle=d407
pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
ib.adnxs.com/prebid/ Frame EE18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3642358105815023776598
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame EE18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3642358105815023776598
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AADQWk7EhRsAADM05_FC3w&dongle=bzwx
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AADQWk7EhRsAADM05_FC3w&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AADQWk7EhRsAADM05_FC3w&dongle=bzwx
Date
Tue, 29 Mar 2022 04:38:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=21249a50-af1a-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=21249a50-af1a-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=21249a50-af1a-11ec-9746-d710e3bebab8&dongle=d54f&gdpr=1&gdpr_consent=
Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
21249a51-af1a-11ec-9746-d710e3bebab8
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=fae8f556-3ccc-47c6-b074-efc69daedc15&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=fae8f556-3ccc-47c6-b074-efc69daedc15&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=fae8f556-3ccc-47c6-b074-efc69daedc15&dongle=31ac
Date
Tue, 29 Mar 2022 04:38:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YkKNVwAQitH7mwAy&dongle=3c0a&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YkKNVwAQitH7mwAy&dongle=3c0a&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1648528730.824242,VS0,VE89
x-served-by
cache-hhn4047-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YkKNVwAQitH7mwAy&dongle=3c0a&gdpr=1&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2467237507975114060&dongle=4d58&gdpr=1&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2467237507975114060&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:49 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
521e1f3d-7f22-4c19-a9f2-cc49c927b946
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2467237507975114060&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f9115326-c831-4821-56a2-54779e58d4ec$ip$217.64.151.30&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f9115326-c831-4821-56a2-54779e58d4ec$ip$217.64.151.30&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f9115326-c831-4821-56a2-54779e58d4ec$ip$217.64.151.30&dongle=4430
Date
Tue, 29 Mar 2022 04:38:50 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame EE18
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=050d6242-8d57-4900-b380-362d6e8120ae&dongle=3995&gdpr=1&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=050d6242-8d57-4900-b380-362d6e8120ae&dongle=3995&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=28850
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=050d6242-8d57-4900-b380-362d6e8120ae&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Mar 2022 04:38:48 GMT
uten8uck00se
hal9000.redintelligence.net/zone/ Frame 0E6F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=0&gdpr_consent=&rnd=8576351598500415595&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652220%26mt_aid%3D8576351598500415595%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
48bee65ff86530c82cd215a4024d547a6d252f7df579b938e821a65e9d4d03bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2877
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 0E6F 		43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=8576351598500415595&v3=1129274&v4=11142481&v5=10406292&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NzYzNTE1OTg1MDA0MTU1OTUvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzM3JKeU05SDJ1aHdQUVlUM0VkSml5Yy8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTc2MzUxNTk4NTAwNDE1NTk1L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/9i4rnO8n-6rG-FgZvg4PSqKAdu8&nodeid=3012&group=cdg&auctionid=8576351598500415595&shardkey=8576351598500415595&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.159
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4267 dd20a5c master cdg-pixel-x6 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
X-Akamai-Origin-Object-Size
43
Server
MT3 4267 dd20a5c master cdg-pixel-x6 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:48 GMT
img
tags.mathtag.com/event/ Frame 0E6F 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=8576351598500415595&st=11142481&time=1648528729&nodeid=3012
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NzYzNTE1OTg1MDA0MTU1OTUvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzM3JKeU05SDJ1aHdQUVlUM0VkSml5Yy8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTc2MzUxNTk4NTAwNDE1NTk1L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/9i4rnO8n-6rG-FgZvg4PSqKAdu8&nodeid=3012&group=cdg&auctionid=8576351598500415595&shardkey=8576351598500415595&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.159
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x93, cdg-bidder-x176
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 29 Mar 2022 04:38:48 GMT
js
sync.mathtag.com/sync/ Frame 0E6F 		1 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvWVdRMU5EUTFZVGd0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NzYzNTE1OTg1MDA0MTU1OTUvMTA0MDYyOTIvMTExNDI0ODEvNjIvY0hkRXZoNjNwSFZyajV0bEM4VGpzM3JKeU05SDJ1aHdQUVlUM0VkSml5Yy8xLzYyLzAvMC8xODUzOTIxLzM2NDQ4ODg4NjIvMjE1NTQzLzExMjkyNzQvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTc2MzUxNTk4NTAwNDE1NTk1L2Ftcy8wLzkzODUvNjQvOTk5LzI1OC8yMTcuNjQuMTUxLjAvMC4wMDAvMTY0ODUyODcyNi8xNjQ4NTQxMzI2LzYyLzcyMDcv/9i4rnO8n-6rG-FgZvg4PSqKAdu8&nodeid=3012&group=cdg&auctionid=8576351598500415595&shardkey=8576351598500415595&sid=11142481&cid=10406292&price=0.198&bp=a_bjiibd&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.159
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x3 config:1.0.0 /
Resource Hash
c888ee94c1091a6d462433d7e5c71b872d53992983459bab21ada8d50efae413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
Server
MT3 4267 dd20a5c master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Tue, 29 Mar 2022 04:38:48 GMT
ww-logo.svg
s0.2mdn.net/sadbundle/6538174354311107868/ Frame 0016 		864 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6538174354311107868/ww-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
485
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 13:09:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Mar 2023 15:15:21 GMT
60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
s0.2mdn.net/ads/richmedia/studio/60021267/ Frame 0016 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60021267/60021267_20220203021504109_WW_0222_Prospecting_Program1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6538174354311107868/gwdimage_min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b40eb0180e01e389b252c7ea71410958e9e6243d2b8537a5c87678c8f17ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6538174354311107868/index.html?e=69&leftOffset=0&topOffset=0&c=eRH3eadKI0&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:09:35 GMT
x-content-type-options
nosniff
age
37754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38029
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 10:15:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 18:09:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0016 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:38:49 GMT
/
track.adform.net/csimpr/ Frame 6BC4 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53795663&csi=MyMeDq0xiuA9DRKLGECUYfr7bDoJhyWlmoGpSmqCskMJDwKV3Zer3Ds0zosS-KgZDOYJQshWJtc4cWJ_TIskq96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90002.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90002.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 5B42 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 086A 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
sync
eb2.3lift.com/ Frame 0044 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=77918
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/b5dbcaaad667d54756cc1e78e73a1e2616cc2b6d/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
8912a98f5b1d3524642af2cce432800de245dcf0ee182c20a9408959a52cf28f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-type
text/html; charset=utf-8
content-length
597
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
10998794.js
s1.adform.net/Banners/Elements/Files/160090/10998794/ Frame 092A 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/10998794.js?ADFassetID=10998794&bv=258
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
287831b22c921f42f02cd1dc601ab687fdf107965233699abd72f4df3b7cb0b2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
W/"622b19dc-1b815"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
request.php
hal90004.redintelligence.net/ Frame 0E6F 		612 B
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=49d808923f&subid=&uid=017cdcd6b6865a1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652220%26mt_aid%3D8576351598500415595%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=7114003979543&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/uten8uck00se?subid=&gdpr=0&gdpr_consent=&rnd=8576351598500415595&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ss6&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652220%26mt_aid%3D8576351598500415595%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cb1f43c37874f6fe8beff14fe22fbd55f89d279dc38b775c83e21f9e70d85b28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
79199000021345004380390011913004
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
327
Expires
Tue, 29 Mar 2022 05:38:49 +0200
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame DDD6 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 2A93 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:07:20 GMT
current
triplelift-match.dotomi.com/match/bounce/ Frame 0044 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
xuid
eb2.3lift.com/ Frame 0044
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame 0044
Redirect Chain
  • https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=052705a5-42da-4d37-a482-89ecf083ec49&dongle=8f7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=052705a5-42da-4d37-a482-89ecf083ec49&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
http://eb2.3lift.com/xuid?mid=7666&xuid=052705a5-42da-4d37-a482-89ecf083ec49&dongle=8f7
date
Tue, 29 Mar 2022 04:38:50 GMT
content-length
118
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
cookiesync
bttrack.com/pixel/ Frame 0044 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:49 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
xuid
eb2.3lift.com/ Frame 0044
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=x62rmsn7qp_c-qacyKyymJKqq5zcrKqZxPngpFkc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=x62rmsn7qp_c-qacyKyymJKqq5zcrKqZxPngpFkc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=x62rmsn7qp_c-qacyKyymJKqq5zcrKqZxPngpFkc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame 0044
Redirect Chain
  • https://sportradarserving.com/sync?ssp=triplelift
  • https://sportradarserving.com/ul_cb/sync?ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=7963&xuid=2f7fcda1-eb79-4a1d-acd7-1fa01c24031c&dongle=3oy7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7963&xuid=2f7fcda1-eb79-4a1d-acd7-1fa01c24031c&dongle=3oy7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7963&xuid=2f7fcda1-eb79-4a1d-acd7-1fa01c24031c&dongle=3oy7
Date
Tue, 29 Mar 2022 04:38:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 0044
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=Eypoixf11Nz3D45&dongle=465e&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=Eypoixf11Nz3D45&dongle=465e&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:49 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=Eypoixf11Nz3D45&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 0044
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3642358105815023776598
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FWY4MSEHTV6PBPXEDFWX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3642358105815023776598&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 0044 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.68.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-68-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
content-length
0
content-type
text/plain
value=3642358105815023776598
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 0044
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3642358105815023776598
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3642358105815023776598
43 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3642358105815023776598
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=77918
Protocol
H2
Server
3.104.87.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-87-238.ap-southeast-2.compute.amazonaws.com
Software
Match/6812.9725ec058d10785847aa2744ccaa7abd1cc33b64 (i-0213817279f421350) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:51 GMT
server
Match/6812.9725ec058d10785847aa2744ccaa7abd1cc33b64 (i-0213817279f421350)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
image/gif
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
server
Match/6812.9725ec058d10785847aa2744ccaa7abd1cc33b64 (i-00b70f5a782e1681c)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3642358105815023776598
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 092A 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:49 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Enabler.js
s0.2mdn.net/ads/studio/ Frame 092A 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:44:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C924 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZPCbnbhV-FdM_FkpwV3OMe6aRu3UToLC6_E7qd6qM5lUHWyWkgF-IHkTlJJ-_Ze7MyDytgNNL7AojMYkwSgh8&sig=Cg0ArKJSzMPYh-OP9opzEAE&cid=CAASF-RocNMxsnCaD6TSeHfn9-cVWgoA5G3l&id=lidar2&mcvt=1034&p=0,0,90,728&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3850223879&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648528728625&rpt=364&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal90004.redintelligence.net/ Frame 3206 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=uten8uck00se&nw=20&renderingType=javascript&namespace=49d808923f&subid=&uid=017cdcd6b6865a1b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Ass6&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4948238301475243652220%26mt_aid%3D8576351598500415595%26mt_id%3D10406292%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D050d6242-8d57-4900-b380-362d6e8120ae%26mt_cid%3D050d6242-8d57-4900-b380-362d6e8120ae%26redirect%3D&documentReferer=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&ancestorOrigins=https%3A%2F%2Fmustsharenews.com%2Chttps%3A%2F%2Fmustsharenews.com&random=7114003979543&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
48a85c1327a8b90e815c921c5e8d5a2575066841e088a4d21dcf5ca95376ef14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Date
Tue, 29 Mar 2022 04:38:50 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 29 Mar 2022 05:38:50 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1417
Connection
close
Content-Type
text/html; charset=utf-8
iframe
sync.mathtag.com/sync/ Frame FD92 		629 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x15 config:1.0.0 /
Resource Hash
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Date
Tue, 29 Mar 2022 04:38:50 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4267 dd20a5c master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Tue, 29 Mar 2022 04:38:49 GMT
Content-Encoding
gzip
img
sync.mathtag.com/misc/ Frame 0E6F 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x16 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:50 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87D3 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuhagWI1CYv2fOaCDjuwP4pup8AEAAAAAOAHgBAI&bg=!REelRwPNAAbzJazn0yU7ACkAdvg8Wj6ZuOEke9kXffgiI5N3n2DRfwDWLjSHbRu3VwrI37L4EQmMnAIAAAGIUgAAAAJoAQeZAyQ8y1hH8sNbffKum8paPy9HqRe4MwsaMQvIar0ZsHyoyoIAs5b5Bcoh_-L9UYU1AW4492KW3fcnqdK5vwHyzTw-PIK9zR_Pq6Ncvi9GBCJnd6dxee95ybYYG1BM-ZFOQya2ia_Zjfl4rV2uxmylG1jhgM7LLG2UKt1VVJYAIFbFPPJld5ykVBiPka4WZ2R7qbCPgsJ6CwZq6TSKLSpcqsgSL8Z_7P7xL4p6OL6afIlDtnliswh7gc6m0CkzWU1VFiQDxzSgid0hiZFt6QDRPtIPqWZzbs-GIhfDnTozBvE2sP6Ewe45R3CbsjoNff31rj6PKYapkXaYABHs7BiEm3B06M2rlVUPcE6I9gyRiNQCPY9qNCljhcp_tjZ78e4GTBz_ndzpzE46rwYMCx3EAWq5DFlCWiGrFv2BgZqx6yEACNm0rmJDuDilvZI7JeWdPppiX2UYGNbW3KtHazzZdCbIUc3EzBhiuV6WM7kih2PCdFX5Y4mUNhiTmcjRAoWkCnvan4bBaDHDrvX_wEkm4QsJd9syg_AnFKFhKEm0B6_7qT-UntG965bvdYC-GgnaiePEuGe0sXZYjs8yfRpB63-ypRdMIEjKm480vX-WP9pLmHq_A5d7vpbrtwdsHUVPrrqO8veySGci61COOmDImi19-LP-wc40ByCxSOh6RqwKQGgBNTe1bf1yzHUb7cwNKwvRBJhRSI2PB3pIV4mMyU0WEvDoM-kjJo9N3RRtmyd8vRhPxP82h5RX3Vp3ag250FUWi1zdiOl70tU_SNc5UcHghBZWZBhZx9uFP_v2nawRLfaDGYZsDdYd99LBulpW3Xz4HqTD323UkGbFrLk-DzoBr937JOuAEIAQG1Ejt2G07R4yrHQgQdiV1oobyz4mOi_zKsgfAFFQU5AKyyL5aorJdGwJFOAPkRZnp32kliO5XJSTmL3nV1hidgjdVW2HLZp7duxftXF3umoaoqtUgPcmGT2t3dSTq7O-lPnKhUvKRHp7H3ZeXTkjzevRA6lQY4EpPuxOyzKGFhMV-aya6YAO7_NHm8ykTIZVgFOsE6vSnvvP2Wc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame 2A93 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53694719&csi=3d5Ee1xMXO__w8IcRrSq-FjKidU2zmR2hNT4Gi7iKN7ZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
52064127.jpg
s1.adform.net/Banners/52064127/ Frame 2A93 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/52064127/52064127.jpg?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f3366bbeb603eae5ca619e79b677a23d4e20cc524995ae2ed66cbb358f4aaa65
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
last-modified
Tue, 08 Mar 2022 11:34:35 GMT
server
nginx
etag
"62273f4b-1bdd6"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
114134
/
track.adform.net/adfscript/ Frame 3206 		740 B
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=53795663;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fptfn6gj4l066tdo%3Ftprde%3D
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1ee08a533b056346608022754c50e8f5abbd070652da7346b7d1c832f7a9f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
542
expires
-1
viewability
hal90004.redintelligence.net/ Frame 3206 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=79199000021345004380390011913004&a=2e15e2e7&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
img
sync.mathtag.com/misc/ Frame FD92 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4267 dd20a5c master cdg-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=050d6242-8d57-4900-b380-362d6e8120ae&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:50 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1F6 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3lGnWY1CYumHA8r53gP4m58gAAAAADgB4AQC&bg=!FBelF1PNAAbzJazn0yU7ACkAdvg8Wge_aiYaJV5rylxJAVVYufKLdipTrS8v5Lx-ZelSGrWS9GQN-wIAAAGOUgAAAAJoAQcKAC2l3kOHusZBypue9o3cFIzzMhzAegXkkwZenYfgtf468fblQkl-3hfvFhCQloKZAz-e45SmbBo1cOQ69LhAMiN7mKvgrmELfAF-Zxzu64mmGih3uoqprgJZNvWmSDiPsh6-514k8Kg4mNTwFMSYcLqslriXQGn1fkQ8MZDNzRx-F-IK0ZQ4sRYICkg26mC0eUV6G09ydssY-lFOfc4jRKKVDFltxnrI9plr4dygdPoI84hLknQvy_sqrQBbmokplplhMnwWVLodIg9kJOGe9fOV1gw8DJeu0nmdno07_sCtHiMg7cD3VTZv5tLUJSSWwItpKldjGe9TBYmQBdrY1WBHOvyWC949E9WUPSXUGHWyTWHTo6AWszr8d44mZvLb304Dp38Tc3twjD82FbrYLRF8zRDIk8Mlm01LP485yCOVb2d9zg6cAq1pOhjr4A1yd7m1FLuElkryco_wtbNILL4KOzGJy0CRNkIfvpuQtEu9TQBnhM0_HX0xs4VoitkIh-JFZ_J7weXkhUIOlWJVzrqnP8BIHJcuLxbdIVdjjvb_Wr5BNcmHj13HC3dtFjEJI0N6K6lygfk3gmriioqjfksqTuU6IwpDF8OdsQAURAWRuTp3x335xwizPh9UnNiRbXw9gWmJ_ynXK7RVNewAfJr2_I2Mq2u6KdcIQ0GsR2nyfD1f5AsTXyZKthsfCPgLvZVEvCwLx2dQDpXuIV6uN7towKrp95PUULaVyjm6XTCcZ3MWscvWS4G12_g3IxyL7CASKIiHfkQYXZuDKFybyFQ-uAuBjV0L_6kG-iCyywzeWFUf-sND1NUJCzAy07XApr8DStMcghv8bldf1FeBTIV0DN6oErYd2HLiPPtW_8XR1fIkrh_WkUAuzj3u7ft-VuUjxFO-UzyLjFQFkre6fFuMhGq7RFJu6J-qTVXj_MLx40_EIW1bTKPcCWUrVDsJjFHgj8BQDt4Hj53PgTEgDhYNYKP7BcBjUM_LKvD0KhWv8f0DAso3sj54IeOqKfAUJ_LDYCgjhL_ygvB40k5mFQLA8AX6_AXLbV_qmjEiQWaS8R1veGQr1nf-eguM9CLBy1-xfi-BRUD1r_jMQQUvQYqIUdJDSMS8-_OR1Dl5ob-RJcl1Prnrs50UHtWyIQKgjnIwGYL9gUs_1VH8UIQhvqs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 3206 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53795663;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fptfn6gj4l066tdo%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:01:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 086A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vFX4Lg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
track.adform.net/adfserve/ Frame 3206 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=53795663;click=https%3A%2F%2Fhal90004.redintelligence.net%2Fc%2Fptfn6gj4l066tdo%3Ftprde%3D;js=1;adfxid=1x;8487;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fmustsharenews.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9c39dd70f9f883200177546ecf0bae2824c4ccf23760de5d1bc5ab0c24f5b960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1955
expires
-1
truncated
/ Frame 3206 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame BB5E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9lrO5oQzPAKpyQoVFB2-ihJWxCutjzte_35H6zcikGrB9Ej89eU9hvih6cqFMVNh4n1w5bV4Im5pGF5ywo6Pi0suxCGlF6GU92ywQzZ0MCnCpf0uh6wr72vSaX7cYTI4agKqCrMVBUrQ236yRcKJdhskCcFNGQvKOIPffBV_fPedTqG8vXOBYTmFvrPfI4yC5TVn88Imz53-VuFj4EVQt3a5VQVpGz0h9HDBWvmPIHfLb2zT9ISQHyjpUWH0PBWtpAF-LQ1LwBgQDYMRxcYi8010qjYgs6zMQ_vEqMTxlWF9Ir_7P44jP-dFqVpGsQiRM1CIiS7jvVfBnVnyeWAxA_3EWpez1XkqZ9jyfs9SMcpPIfw&sig=Cg0ArKJSzBWva4ZkU7pSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 29 Mar 2022 04:38:50 GMT
all
csm.eu.criteo.net/ Frame 1B0C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nZQUw6qwitWduzSmVnNtNHD69kLk1c2-l0Pi1ur5vJ3E87xrUxKKpsiJVb0dvY_eynMotd4Z1_K2KtNeVjAS49BJIEorepNWML5KVvSS0AAD0R4GwC73mU2cvC_5Suv5HahAcvoAe112IZQzz0CYg_1P_pWAj8HsHChmwGV1CL3wafWm_zr0-7sQ9Vv_i_hd6fJZC_kploTz4b71mczSyBjwcFDx8JfStpdPsNXmMYZRVdBimL6QS5OQBSmR3fv6fs7WBZHe71Su0MBb&sds=2&rev=80956&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKNWAAJ1SMKd4hKAAXgJya_6DPkOUtDCaf9GA&u=%7C0huEbzZEaWEk1EW5IYzzfyqluM62tL%2F8JMb10%2BXtS3k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM9SPP5Y8DX0qzbmA5iv6eoPM5xoLvIPPq8LJQKtc6jdi0o60OyJ6s8QZ2hsTHWoHqZfUJj_ii80rqCbZrfn7d9G22x_EnuwhWLbUEYoAnvF3CHGT6DWwWPRyH9XzQs7x9f4ZteRevpo4KIRG6OS8Us6No-x2V2NujcL6MLg8Vr-144kLINxWs3WNu3Sua9hZVwFxFJr6P2yQCOuMKTexavSZMEAA_u2zDvqDLfJlvrcpHO4ctT3pc9k-fJmFNh1jLiHoUvPSuhaj-u4QXWJRNgNaj--dXFfBrYUd8offV7kE_JT-T6Yqu1cxZ_-H9KjCO3iGbHEdbu2IOzhIwdBfKgzZT5Jz_wlWjsnpP-EpWfCHjxu1E4VT8t9wFYR9JxQjPrLT5sKtqRi4bEeMc0bNL6uCwiX-zBZW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZxOrWI1CYqOqJ8qQ3gOnwJfAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTk5NDY0NzEyOTM2MDMyN6AB1bbS6gPIAQmpAr4Xm8ULarI-qAMBqgTxAU_Q0D4FiYI1n5j9vXwGYUJrugyxn46b37a6Bnsk6M8zis2t2Wls53AM2EVLwjCjhYvHkXvij7YkOYP6tjsDbMqeFKEDtLJ3B5qWGnSr2Gy_hib38VzQvGtrNz4A9OmTol45v3XAtlp6JLwUgtCZRYEO0jV2gHcro_vtMg02XsEFejcw3YQGRry288u3MWASJ2SNi65O0nK6pfB59s799s5knLWrbziewyFducOHQUl4UT5DjlNq1ei8YMNuVQsLm-fHFVxQPgEZTS4zbsAyO9WvBnUtpdsgixoIA7MQ4bdnBzq3_4xzaEg7vMcMmhA9LMKABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MrmknV2vS2jOlYoJ4YlzY9dyYGw%26client%3Dca-pub-9994647129360327%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:38:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame E0CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttb1Cjly95J8equejYgPdmZ9839dRaw_1XlGAkXryxGbGgClvFLDtwB9EmWR1pBDmLqkZYaNveGHsWkd6N0mfMy73IX5MokxL0d2Muc-MhlaesHSwv&sig=Cg0ArKJSzMDVtW2l3He3EAE&id=lidar2&mcvt=1001&p=974,436,1064,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220323&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1573795440&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648528728102&rpt=1215&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.trustarc.com/ Frame 708D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19528
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
oCkm5oECC5kWiDYUZVBHDZzpkt6LGxufEva1fasQGL3XhpTvV3yrIQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 708D 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16856
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6j70c616BPU6x_2cfva4WsUTR6VvAKnfQsCWLkazsCKnn83ZYpJ9rA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 708D 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=0419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
tLmUX1IClhVUM0RBUkR0D6YIw3_zO6h-iBB5iElH2E508x31yFd6pQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
choices.trustarc.com/ Frame 708D 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857429
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
VDmhLqF_Fl4WLWegB6GsfWvs_1BsO-UM3UmxcZNKCXJbnYtHjfCwMA==
expires
Mon, 18 Apr 2022 06:28:20 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 3206 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 30 Mar 2022 08:01:42 GMT
/
track.adform.net/csimpr/ Frame 3206 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=53795663&csi=hJxLUB5TgTKxZq3LtoLzd2qIHP32rkEomoGpSmqCskMJDwKV3Zer3Ds0zosS-KgZFdFHdZCKA0NIrAN18FJKJd6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90004.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90004.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
10998794.js
s1.adform.net/Banners/Elements/Files/160090/10998794/ Frame A876 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/10998794.js?ADFassetID=10998794&bv=258
Requested by
Host: mustsharenews.com
URL: https://mustsharenews.com/spf-arrest-scams/?isentiaPostId=post-1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
287831b22c921f42f02cd1dc601ab687fdf107965233699abd72f4df3b7cb0b2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
W/"622b19dc-1b815"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
ca
choices.trustarc.com/ Frame BF11 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9186f267-3555-4cde-be02-830936bf6f7e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:13:22 GMT
content-encoding
gzip
server
nginx
age
19528
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
content-length
2476
x-amz-cf-id
3wqCMaG0KzfO_CoUjdjwID6EpHQIqYXQjxrczHaJTIDGKMaFfCKKDg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame BF11 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 23:57:54 GMT
content-encoding
gzip
server
nginx
age
16856
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ALqitzvkrGgl2JhgaPPBW_wcnTHRFWfEai4x395sUxire0JuqyEy7Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame BF11 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=30f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
zj5uz5inb4tNMciZ8s3Q97pEMzzdfg8EW4ak5XU1gsLTHYgm_J_BOQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame A876 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Enabler.js
s0.2mdn.net/ads/studio/ Frame A876 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 04:44:08 GMT
get
choices.trustarc.com/ Frame BF11 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857429
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
GQujrOBfAKGuMSNVuZg5a06YD4QHQPG2zXBvtMBvKV6yDf9Z8ZPYsg==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame 1305 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857429
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
MKoxf0Acq5stMO4rZOixFVlGm451JVCPY-U2LyV9tnHYvwl0fODdxQ==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame 1305 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350149
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
Ws1_RMnEOCY0LXVIbHiRyyTl7F7TFCm8KOwfTV50X5Vhm2FBjus-oQ==
expires
Tue, 12 Apr 2022 13:36:20 GMT
get
choices.trustarc.com/ Frame 22ED 		287 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sat, 19 Mar 2022 06:28:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
857429
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
jcJxZ0AHtqSFWkz1gYpHvCnvBFwMk1ItTbVpb9U60weqqjwERuAnsQ==
expires
Mon, 18 Apr 2022 06:28:20 GMT
get
choices.trustarc.com/ Frame 22ED 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=0a7a8j6_a99jcch_1e7nlzp2&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-28.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Sun, 13 Mar 2022 13:36:21 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server
nginx
age
1350149
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
6RUl4Qb_5xIOHyGjAsz9PUQMpnf6NKY-znDO7nPtTvLQwuWBhLFcHw==
expires
Tue, 12 Apr 2022 13:36:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0CB 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220324&jk=4502625534196468&bg=!iYqlis7NAAbzJazn0yU7ACkAdvg8Wh3JI4XADuTnFvCwX6cR1OXyP6fsW1u28-bhC3Ra9z26e0IEFwIAAAEeUgAAAAJoAQcKAChcMh52FhM9-s_5lst5UlqkcZ6pRLIjHbYHUuN4MX5cTxlM3giNgz9ZmQL1us1hgUZKywo8QzK7Buv55JXtmaRLOsKjWRYG3jxLer7BCmHGKcNoNqldZ-8NDwUgZ_Ez1uX0E5eMBgrJ4g0vs0PkR_poRQafb5s7gSM1uwVKq3wwmpiwh6PDpnq0f4mOaVTguND4xO3bXpLBsCkisJzgGAQnOulG_MHdqu6VK-YRCjZZpEGfdlcaOmvCkR_Cky6frdD4vniBz9-4HbSbbN4d0QR2-zMgurUWw0Ukoepgfb8Y_o_9qLaxuIvuN6ZTyNZasW3QLnxP7V8iRcUT-Bg9cnnAYy0blIOxhdCvpstHL2d1RZazphYkcwqqp3FOacCP0bJE_6kHj9Goz4_eceler2yhzN7Xjc9f70BY8g3OmkF5dEVlpbB74Oaiu7g_uUhqnzrdEH__CgsORIrpf2Gz1Yxdxy72Uh2ADMyWkroFcUVLq9pRdrl6RVzduaqxH0fCG_y0QcWHT5hzVck_9t497y8ozjiHAYqSYlvu3UGYoTxPYYcQUunnOVWDnIpVOJKWsBSVOCLsGLkEhMNrlp0TFKb0T-80vQeN5ZgS5PjUApJ0iWn89vxw8sapZW3Oo5OCSIis6kGVZBd2dfXoXgu8xHtZTT1GeiMfPraUJ6jErx8fgBS5Zi5WtscYyvOASTHdP7Z8Cvih9V2o_r4A8rI76b8K_im02X09_NYPQ-H0v1E-b2cuhsqSTZDrahCqoDJabPj6yqL8C4zDwBniK2mAZCQOoX9YEkcEm_ghrD_Bq4a3lTcSQxg5aZjl6IQzRhwWBEaZZuqwpqDIcfX9cDxa68hZNyn3qvH0Hz12LbNORg_E8A6i64hBBhNkKEPYNnus-ch6sL68cuRxv_8onqRu2ztdxA0Xvaza0U7WtZ4wyGBQn8lLiUHql__Gmyhkp3yE4VrcFhEa1wAChgK7TpQxSPkkRRtgjQ-OEQQLagF4DQUliNcLV5-LGt3a9tiWsbgsZcSeArr8TMeDn51k3h-MzSbMUfw7KOTCYCwdJ5ERDHsuQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 9A50 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C3020%2C2030%2C173%2C251%2C175%2C233%2C178%2C3018%2C2028%2C3017%2C2027%2C3016%2C214%2C159%2C237%2C2025%2C337%2C117%2C338%2C97%2C99%2C77%2C3012%2C3010%2C182%2C222%2C3007%2C201%2C4%2C246%2C203%2C326%2C80%2C228%2C10000%2C9%2C229%2C108%2C307%2C208%2C109&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a5379b56f8880bf1b899229b54c7f7f22ad52cf5f422898728507d1f4b65bee
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=149042
expires
Wed, 30 Mar 2022 22:02:54 GMT
date
Tue, 29 Mar 2022 04:38:52 GMT
content-length
8141
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D412 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=84149
expires
Wed, 30 Mar 2022 04:01:21 GMT
date
Tue, 29 Mar 2022 04:38:52 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C348 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Mar 2022 04:38:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5685 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
5408ab3994b4585eae83c683fbeda980495a02460979f13c2fec6a28e1d13097

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
text/html; charset=utf-8
content-length
498
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame 2801 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1388
Date
Tue, 29 Mar 2022 04:38:52 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 93DF 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 46E5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1816/prebid_2022_3_23_15_8_51.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 29 Mar 2022 04:38:52 GMT
Age
66087
X-Served-By
cache-lga21934-LGA, cache-hhn4023-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 519966
X-Timer
S1648528732.438590,VS0,VE0
Vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1
  • https://eb2.3lift.com/xuid?mid=6547&xuid=diucXp8sRCJd7EXkJGJV&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=diucXp8sRCJd7EXkJGJV&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=diucXp8sRCJd7EXkJGJV&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Tue, 29 Mar 2022 04:38:53 GMT, Tue, 29 Mar 2022 04:38:53 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://www.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://eb2.3lift.com/xuid?mid=3396&xuid=37cf273d-6031-4a9e-b4c2-17b86d952301&dongle=c7e1
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=37cf273d-6031-4a9e-b4c2-17b86d952301&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3396&xuid=37cf273d-6031-4a9e-b4c2-17b86d952301&dongle=c7e1
Pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length
0
expires
0
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=d4499d32-bbe3-4981-9484-a62e6b593966&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=d4499d32-bbe3-4981-9484-a62e6b593966&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=d4499d32-bbe3-4981-9484-a62e6b593966&dongle=9e4f&gdpr
date
Tue, 29 Mar 2022 04:38:52 GMT
server
_
content-length
0
match
c1.adform.net/serving/cookie/ Frame 5685 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
140
match.deepintent.com/usersync/ Frame 5685 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/140
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:51 GMT
content-length
0
server
c
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=1%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D5b4qZxfLLIJe%26dongle%3D8bee%26gdpr%3D1%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=5b4qZxfLLIJe&dongle=8bee&gdpr=1&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=5b4qZxfLLIJe&dongle=8bee&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://eb2.3lift.com/xuid?mid=2636&xuid=5b4qZxfLLIJe&dongle=8bee&gdpr=1&gdpr_consent=
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-pw424
expires
-1
us.gif
sync.go.sonobi.com/ Frame 5685 		49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=3642358105815023776598
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=23&uid=3642358105815023776598&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3391&xuid=659356420806&dongle=6f30
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3391&xuid=659356420806&dongle=6f30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://eb2.3lift.com/xuid?mid=3391&xuid=659356420806&dongle=6f30
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=8D4CCE8DE2E3495EB286D967A4F31EE0&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=8D4CCE8DE2E3495EB286D967A4F31EE0&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 29 Mar 2022 04:38:52 GMT
x-content-type-options
nosniff
server
nginx
location
https://eb2.3lift.com/xuid?mid=7969&xuid=8D4CCE8DE2E3495EB286D967A4F31EE0&dongle=yf3
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 28 Mar 2022 04:38:52 GMT
xuid
eb2.3lift.com/ Frame 5685
Redirect Chain
  • https://sync.1rx.io/usersync2/triplelift
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1330889337
  • https://sync.1rx.io/usersync/tradedesk/2666c1fb-f4ba-4414-8244-b277cf67c3f8
  • https://sync.targeting.unrulymedia.com/csync/RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003&dongle=2dcc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003&dongle=2dcc
date
Tue, 29 Mar 2022 04:38:52 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba0d876070d94139a078b5cfeed8774b003
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame C348 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14262
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9540
Expires
Tue, 29 Mar 2022 08:36:34 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D412 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52141487&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
732f04de75bbcd02ab0a582ecd6c060d923c421ee007549fb8bc5b079da64254

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 46E5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5ceb9b0-7ad1-426e-9201-77ba2a778d45
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame D558 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A90510C5-1356-49F1-9108-77B091D3BC11
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 742D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:050d6242-8d57-4900-b380-362d6e8120ae&gdpr=0&gdpr_consent=
42 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:050d6242-8d57-4900-b380-362d6e8120ae&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:430
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 29 Mar 2022 04:38:52 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4267 dd20a5c master cdg-pixel-x15 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:050d6242-8d57-4900-b380-362d6e8120ae&gdpr=0&gdpr_consent=
Expires
Tue, 29 Mar 2022 04:38:51 GMT
usersync.aspx
dis.criteo.com/dis/ Frame EA37 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 29 Mar 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
465580
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame CC91
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5446892411108895198
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5446892411108895198
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug026:0:447
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5446892411108895198
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 03E5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7080376990466177175
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7080376990466177175
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:38:52 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug019:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 29 Mar 2022 04:38:52 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7080376990466177175
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qQUQxRNWSfGRCHewkdO8EQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=84149
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 30 Mar 2022 04:01:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=050d6242-8d57-4900-b380-362d6e8120ae
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=050d6242-8d57-4900-b380-362d6e8120ae
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
MT3 4267 dd20a5c master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=050d6242-8d57-4900-b380-362d6e8120ae
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 29 Mar 2022 04:38:51 GMT
mw
mwzeom.zeotap.com/ Frame D412
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A90510C5-1356-49F1-9108-77B091D3BC11
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=2666c1fb-f4ba-4414-8244-b277cf67c3f8&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2f9bda9ec23d04ae/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=2f9bda9ec23d04ae/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f54018147d2022c4ff0b03d4b9e9e81d&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=2f9bda9ec23d04ae
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-4188cab5dd77&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL2zJxijDaxSuTkzrXn434s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-418...
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEL2zJxijDaxSuTkzrXn434s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-4188cab5dd77&zcluid=2f9bda9ec23d04ae&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6f35eb255d9d01df-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEL2zJxijDaxSuTkzrXn434s&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=643f6c17-9938-4b19-7649-937c3f4ccdbb&reqId=a5561bda-990c-4d17-7df9-4188cab5dd77&zcluid=2f9bda9ec23d04ae&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTkwNTEwQzUtMTM1Ni00OUYxLTkxMDgtNzdCMDkxRDNCQzEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:1082
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQrpzz44WKAjEFnSyI0CCw&google_cver=1
42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQrpzz44WKAjEFnSyI0CCw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:455
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQrpzz44WKAjEFnSyI0CCw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D412 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 28 Mar 2022 04:38:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5971110037465093560
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5971110037465093560
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5971110037465093560
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2666c1fb-f4ba-4414-8244-b277cf67c3f8
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2666c1fb-f4ba-4414-8244-b277cf67c3f8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:336
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2666c1fb-f4ba-4414-8244-b277cf67c3f8
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2467237507975114060&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2467237507975114060&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:463
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
078f5721-85b8-4911-9c6d-b0f28da32c67
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2467237507975114060&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D
42 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:442
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
A90510C5-1356-49F1-9108-77B091D3BC11
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D412 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A90510C5-1356-49F1-9108-77B091D3BC11?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d472:fadb:5355:a85e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A90510C5-1356-49F1-9108-77B091D3BC11&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xshEIP5E2uWVgAiJb6Ip_GdTxKEs28M-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xshEIP5E2uWVgAiJb6Ip_GdTxKEs28M-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xshEIP5E2uWVgAiJb6Ip_GdTxKEs28M-~A&gdpr=0&gdpr_consent=
date
Tue, 29 Mar 2022 04:38:52 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=31d00b96-3422-48c5-b78f-eda5aecddcf4
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=31d00b96-3422-48c5-b78f-eda5aecddcf4
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=c5f996f7-093f-4a17-a817-258d0bb7ae1f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31d00b96-3422-48c5-b78f-eda5aecddcf4&gdpr=&gdpr_consent=&gdpr_pd=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31d00b96-3422-48c5-b78f-eda5aecddcf4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug026:0:520
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=31d00b96-3422-48c5-b78f-eda5aecddcf4&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 29 Mar 2022 04:38:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D412
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c6f31ae-13f5-4f36-ad98-b1cf028addec&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c6f31ae-13f5-4f36-ad98-b1cf028addec&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7c6f31ae-13f5-4f36-ad98-b1cf028addec&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
usermatch
ssum-sec.casalemedia.com/ Frame 3FDE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5454635db936cb67ed5144ac60bcea08201973a06e96b31f196578d2ef21b3a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|81|8|196|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 29 Mar 2022 04:38:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Content-Length
1613
Connection
keep-alive
dcm
s.amazon-adsystem.com/ Frame 3FDE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CHGQJGVJW0VM70E8PEES
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZRDNJQ8B0QHJQT5NHHRZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3FDE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YkKNV79poFf3MCPgFLG1.wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN3aOeGRk-LWF34R9NjIziA&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN3aOeGRk-LWF34R9NjIziA&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN3aOeGRk-LWF34R9NjIziA&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3FDE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3FDE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3FDE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=h4Li1onU49Oc1e_QiIP71NKF4tCcg-PVhNYm8eSR
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=h4Li1onU49Oc1e_QiIP71NKF4tCcg-PVhNYm8eSR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=h4Li1onU49Oc1e_QiIP71NKF4tCcg-PVhNYm8eSR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3FDE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7eacac0a-ee0f-40d8-ac05-58180a0a95b2&expiration=1680064732
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7eacac0a-ee0f-40d8-ac05-58180a0a95b2&expiration=1680064732
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:52 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7eacac0a-ee0f-40d8-ac05-58180a0a95b2&expiration=1680064732
date
Tue, 29 Mar 2022 04:38:52 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 3FDE
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:52 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:38:52 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 3FDE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Eypoixf11Nz3D45&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Eypoixf11Nz3D45&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:38:52 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:51 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Eypoixf11Nz3D45&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3FDE 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YkKNV79poFf3MCPgFLG1.wAA%261116
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fmustsharenews.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:38:52 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=734
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:51:06 GMT
cta2.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/cta2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-1788"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6024
yellowtext.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/yellowtext.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
600b5169e32abd297660c3a3dcdc4c178cb2fde5dd90d7444920090abd9c9c85
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-345b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13403
cta.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/cta.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12445a0d098355ffd32c73170f54f3c33aaa46a791a4394b6d78d3cd03bc2179
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-1def"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7663
t.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/t.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-2588"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9608
badges.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/badges.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fe693718caee42a00814b122bc3ad7b98d4432004522755e808d1c273a8ca0de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-1687"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5767
text_1.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/text_1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-186b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6251
logo2.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/logo2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0c8ab0c6681a22d510d8c160fd774a5e290a50c77fd0d2008b7e3bbcb0625ee5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-2386"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9094
pic.jpg
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/pic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dc7713d7d03081a28ce08ae4e2c56c39a5ef1effdff8d0dd2f5b013c5d4cb59d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-3bfd"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
15357
logo1.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/logo1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-371a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
14106
bg.jpg
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame 092A 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/bg.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6bf42dd1ff60e1321d40af8fd7bade8e714dd3d582d90a0fe15d1cf6fde5d65e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-9821"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
38945
cta2.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/cta2.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-1788"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6024
yellowtext.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/yellowtext.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
600b5169e32abd297660c3a3dcdc4c178cb2fde5dd90d7444920090abd9c9c85
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-345b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13403
cta.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/cta.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12445a0d098355ffd32c73170f54f3c33aaa46a791a4394b6d78d3cd03bc2179
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-1def"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7663
t.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/t.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-2588"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9608
badges.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/badges.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fe693718caee42a00814b122bc3ad7b98d4432004522755e808d1c273a8ca0de
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-1687"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5767
text_1.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/text_1.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-186b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6251
logo2.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/logo2.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0c8ab0c6681a22d510d8c160fd774a5e290a50c77fd0d2008b7e3bbcb0625ee5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-2386"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
9094
pic.jpg
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/pic.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dc7713d7d03081a28ce08ae4e2c56c39a5ef1effdff8d0dd2f5b013c5d4cb59d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:56 GMT
server
nginx
etag
"622b19dc-3bfd"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
15357
logo1.png
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/logo1.png
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:54 GMT
server
nginx
etag
"622b19da-371a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
14106
bg.jpg
s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/ Frame A876 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998794/bvpath_258/bg.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=79199000021345004380390011913004&a=aabce73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6bf42dd1ff60e1321d40af8fd7bade8e714dd3d582d90a0fe15d1cf6fde5d65e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:38:52 GMT
last-modified
Fri, 11 Mar 2022 09:43:55 GMT
server
nginx
etag
"622b19db-9821"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
38945
pixel.gif
px.moatads.com/ Frame 5DDF 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24X%24H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-150pLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-NQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&id=1&ii=1&cm=17&f=1&j=https%3A%2F%2Fmustsharenews.com&lp=https%3A%2F%2Fmustsharenews.com&t=1648528727578&de=666547277844&cu=1648528727578&m=5870&ar=9f397fe3151-clean&iw=275f53f&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=252&lg=1&lh=72&gm=1&io=1&fa=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1548%3A696&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5166&cd=146&ah=5166&am=146&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=vko50on%3Akywm6zw%3A0a7a8j6%3Aa99jcch&bd=mustsharenews.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=mustsharenews.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=mustsharenews.com&zMoatSubdomain=mustsharenews.com&zMoatJS=3%3A-&zMoatCachebuster=807386&zMoatCreative=1e7nlzp2&zMoatDealID=-&zMoatImpressionId=9f3ba6a6-4056-4d51-a8bf-e9b376965c43&zMoatPartnerID=vko50on&zMoatSite=mustsharenews.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD05ZjNiYTZhNi00MDU2LTRkNTEtYThiZi1lOWIzNzY5NjVjNDMmY3JpZD0xZTdubHpwMiZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE0N2EwZDU2JnB1aWQ9JnBpZD12a281MG9uJmFnPWE5OWpjY2gmYWR2PWt5d202encmYnA9MC4xMTcxNDAyMzMzNzk5MzkwNzk4MyZjZj0zMTc2MjgxJmZxPTAmdGRfcz1tdXN0c2hhcmVuZXdzLmNvbSZyY2F0cz0mbWNhdD0mbXN0ZT0mbWZsZD0zJm1zc2k9Jm1mc2k9JnVob3c9NTQmYWdzYT0mcmd6PSZzdmJ0dGQ9MSZkdD1QQyZvc2Y9V2luZG93cyZvcz1XaW5kb3dzMTAmYnI9Q2hyb21lJnJsYW5ncz1lbiZtbGFuZz0mc3ZwaWQ9MjE0NjgmZGlkPSZyY3h0PU90aGVyJmxhdD01MS41NDk5OTkmbG9uPTcuNDgwMDAwJnRtcGM9JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ2RIWlhKdFlXNTVHZ0E0QVZBSGdBRUFpQUVCa0FFQiZkdXI9Q2pBS0RHTm9ZWEpuWlMxaGJHd3RNU0lnQ1BfX19fX19fX19fX3dFU0UzUjBaRjlrWVhSaFgyVjRZMngxYzJsdmJuTUtPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrZ0tJV05vWVhKblpTMWhiR3hOYjJGMFZtbGxkMkZpYVd4cGRIbFVjbUZqYTJsdVp5SWpDS1hfX19fX19fX19fd0VTRG0xdllYUXRjbVZ3YjNKMGFXNW5LZ1lJb0kwR0dBdy4mY3JyZWxyPSZpcGw9LzIxNjIyODkwOTAwL1NHX211c3RzaGFyZW5ld3MuY29tX3Jlc19hcnRpY2xlX21pZDRfMzM2eDI4MC8vMzAweDI1MCZwY209MSZncmRjPUNBRVlBU0FCS0FGQUFVZ0MmdmM9MyZjeD0tNTE3ODg4MzYxNDUyNjI0NTMwMiZzYWlkPTBkMDIyZGQ5YzI3OGEzNmJhMTViY2Q1MTcyMDEwYjE4ZWI3NzM0NTMmaWN0PVVua25vd24mYXVjdD0xJmN4bHZzPTAmaW09MSZtYz1lYzhiYTRmYy0wNTJjLTQ3ZmYtODZmZi0wZDdkZjc3ODdlNmYmdGFpbD0xJnN2PXJ1Ymljb24mdGFpbD0x&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=21468&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=1&jk=-1&jm=1&tc=0&fs=197724&na=713004743&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:53 GMT
async_usersync
ib.adnxs.com/ Frame 46E5 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:38:53 GMT
X-Proxy-Origin
217.64.151.30; 217.64.151.30; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb33f795-2b90-4aaf-9718-352504902ed5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=TRIPLELIFT1&ol=3393439341&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrBEe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-BucHbtgGjXtDL%2FZR7NeP1dVlogBIfVcrVAZRAnlp9pAdeA81EcR7fkgw&rs=1-Vbb1JxNzs6uFgA%3D%3D&sc=1&os=1-GA%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oDgO%3DLlE6%3ABcmUZzCFV%60pT6yv%7CEkUpF%3D3%3Ch%2C%25%3BMB1_tNOC%604dEzbSIq11_iCTpXSe%2BShooUKV%3B%2B9%7CPQPmf)P%3DH%3BCH%6029YCN%3FAbcE%3DX7IL3kQ%2CNJJ)%2Ct_A%24%3D!%250UnqMs%3Cex1bxNTK7%2BuCTpY%3CZ.4%5DAOTK7%2BuC9r&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=280&w=336&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fmustsharenews.com%2Fspf-arrest-scams%2F%3FisentiaPostId%3Dpost-1&id=1&ii=4&f=0&j=&t=1648528728427&de=580756898963&cu=1648528728427&m=5214&ar=9f397fe3151-clean&iw=3341c3b&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9168&le=1&lf=173&lg=1&lh=66&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A516%3A516%3A1180%3A768&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5003&cd=48&ah=5003&am=48&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=7207%3A125401%3Aundefined%3A10&bo=3690&bd=mustsharenews.com&gw=triplelift879988051105&zMoatOrigSlicer1=3690&zMoatOrigSlicer2=49187&zMoatTactic=undefined&zMoatPixelParams=aid%3A4948238301475243652223%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=1&jm=1&tc=0&fs=197724&na=245569885&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mustsharenews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 29 Mar 2022 04:38:53 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D412 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:01:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 6BC4 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5971110037465093560@@53795663,2173600493240095284,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|LgWHjWLrfBrxBx_RTJEBJzTvii0UxfI0pD4yo8i1wkF4nmtZEnjpP_L_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90002.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:38:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90002.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 2A93 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX
Domain
track.adform.net
URL
https://track.adform.net/serving/unload/?version=15&unload=0@@53694719,837184247420897063,0|0|0|0|0|0|0|0|0||0|1|1014|d388a307-e817-30d0-a8b1-10e9a00f92b2_1|||1|0|0|oSFqtg5_gxXi5nP9TebYOumn3tQYot-A0|||11||0

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 function| structuredClone object| oncontextlost object| oncontextrestored string| quizSiteUrl string| GoogleAnalyticsObject function| ga function| fbAsyncInit object| _wpemojiSettings undefined| $ function| jQuery object| mashsb undefined| strict object| mashbar object| lazySizes function| gtag object| dataLayer object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| googletag object| sas object| adloox_pubint function| startAnymindTS object| PWT object| atspbjs object| anymindTS function| fbq function| _fbq object| block_td_uid_2_62428d5115a4e object| block_td_uid_5_62428d5136629 object| google_tag_manager number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent boolean| sas_useID5Module object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_data object| FB object| AMP object| twemoji object| wp object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| $f object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| _stq function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery object| ai_front function| b64e function| b64d number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_484255459416 boolean| ai_js_code object| gaplugins object| gaGlobal object| gaData function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| google_user_agent_client_hint function| st_go function| linktracker_init object| wpcom function| ai_document_write string| selector_string number| google_lpabyc function| ai_process_lists function| ai_process_ip_addresses function| atspbjsChunk object| mnet function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| recaptcha object| closure_lm_389006 object| GoogleGcLKhOms object| google_image_requests number| _tlTagsPending object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_89369741 function| arrive function| unbindArrive function| leave function| unbindLeave

123 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ACxne1P8wMCsyrRPZn2fFQytvCUA8JLxrTw1c3e3amFkZDn2ipgoNlWCanRbxzaN-0QLFNfcKNhDOpg6WhRHxf0
.3lift.com/sync Name: sync
Value: CgoIgAIQ_83gn_0vCgoIgQIQqcHgn_0vCgoIggIQ_83gn_0vCgoIhwIQqcHgn_0vCgkICRCpweCf_S8KCQhJEPXM4J_9LwoJCAsQqcHgn_0vCgoIiwIQ_83gn_0vCgoIjAIQqcHgn_0vCgoIzgEQ9czgn_0vCgoIjgEQ9czgn_0vCgkIDhDz4eCf_S8KCgiPAhD_zeCf_S8KCgiQAhDz4eCf_S8KCgiRAhD1zOCf_S8KCgiSAhD1zOCf_S8KCgiUAhD1zOCf_S8KCgiVAhDz4eCf_S8KCgjWARD1zOCf_S8KCgiWAhD_zeCf_S8KCgiaARDz4eCf_S8KCQgbEPXM4J_9LwoKCJ0CEPPh4J_9LwoKCN4BEP_N4J_9LwoJCF8QqcHgn_0vCgkIHxD1zOCf_S8KCgihARCpweCf_S8KCgihAhD_zeCf_S8KCgjiARCpweCf_S8KCgjjARD_zeCf_S8KCQgkEPPh4J_9LwoKCOYBEKnB4J_9LwoKCOcBEP_N4J_9LwoJCHMQ_83gn_0vCgoIuAEQ8-Hgn_0vCgkIORD1zOCf_S8KCQg6EKnB4J_9LwoKCPsBEPPh4J_9LwoKCP8BEPPh4J_9LwoJCD8Q8-Hgn_0v
.mustsharenews.com/ Name: _ga
Value: GA1.2.987807505.1648528726
.mustsharenews.com/ Name: _gid
Value: GA1.2.999588512.1648528726
.mustsharenews.com/ Name: _gat
Value: 1
.mustsharenews.com/ Name: _gat_gtag_UA_54789758_1
Value: 1
mustsharenews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mustsharenews.com/ Name: _pubcid
Value: 7adaef0f-fc41-4a1f-9b27-9da057dfc35f
.mustsharenews.com/ Name: _fbp
Value: fb.1.1648528726214.2059572830
.rubiconproject.com/ Name: khaos
Value: L1BNFU07-1S-6BRL
mustsharenews.com/ Name: cto_bidid
Value: qU5oTV84VkhFZmNBTCUyRmc3eHNSaUlyOCUyRjM1STZYd0k1MWxoYnpOZjV6Z2ZiJTJGUzlVcDhQZHAxQTBYTzNkRkxSSXpTdktyU25VJTJGdFd4M0tUTlRjZ2ZJJTJCMHJwMlElM0QlM0Q
mustsharenews.com/ Name: cto_bundle
Value: TYnQhV9FSiUyRkdCbzR1THFCY3pHeEU1JTJCM0tDMzJicTBPdmY5ZUFFS2Y0YiUyRjVHRU1sQ3FMZFVaMUx0QUs5eHFpRFZwUjRZRk5tWnoxeWxGb0c4UzAlMkJsRklrRHN2RWFrSFF5WGw1eTM0YSUyQmdLcHpJcnRCQkZ3RGIwY2lIY3FKRnBkRTdjN1Q
.facebook.com/ Name: sb
Value: Vo1CYoqTgU-fGlz0ac5h5d0V
.facebook.com/ Name: fr
Value: 0dl3ovcQAxsR0TATx..BiQo1W.fe.AAA.0.0.BiQo1W.AWUJQBt_MwE
.adsrvr.org/ Name: TDID
Value: 2666c1fb-f4ba-4414-8244-b277cf67c3f8
.adnxs.com/ Name: uuid2
Value: 2467237507975114060
.simpli.fi/ Name: suid
Value: 8D4CCE8DE2E3495EB286D967A4F31EE0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A90510C5-1356-49F1-9108-77B091D3BC11
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YkKNVwAQitH7mwAy
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003%22%7D
.rlcdn.com/ Name: rlas3
Value: 0yDa2pSmDcFUFE83oagySifEdOELKNvoZdianGIgbM4=
.rlcdn.com/ Name: pxrc
Value: CAA=
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB24ZqdCs7mpTSAkF7RiBdb4AgvEG2sPPZq/zJBpTbUTS7tbr9aJ/Jx6EwNMqPxGN4Ol2zc8aRh/hnKY++jymV4/ObTleGb6qyTZ07z1Q7uw3lxoUNeJqvzt0Qxlda2zPG0m1LRvd1CuP728dQ8fslSKJPKNNPmRnbL8ewi7LOaL5sp6NUwO8d8QnyFHID3hUmzI0ODs07Ox+mYZdxS8mnsGHP1fC/fWY3uMubqaWOC3Mz1gk67rADOGb6LmdIb7rzg4GJzz2IQs+zc2D8c8sh92TM6A1BodwYKU7IJddmKAo4wVLiKFihVRYf2LrWK/bnw=
.getrockerbox.com/ Name: uuid
Value: 2467237507975114060
.mathtag.com/ Name: uuid
Value: 050d6242-8d57-4900-b380-362d6e8120ae
.bidswitch.net/ Name: tuuid
Value: 31d00b96-3422-48c5-b78f-eda5aecddcf4
.bidswitch.net/ Name: c
Value: 1648528727
.bidswitch.net/ Name: tuuid_lu
Value: 1648528727
.casalemedia.com/ Name: CMID
Value: YkKNV79poFf3MCPgFLG1.wAA
.casalemedia.com/ Name: CMPS
Value: 5201
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBFeNQmICEGZ72mAaiv5yyOU8L2Ry7qkFEgEBAQHeQ2JMYgAAAAAA_eMAAA&S=AQAAAgH48FtDz4XNdqBzxmrkick
.quantserve.com/ Name: mc
Value: 62428d57-e9493-0c544-3515f
.ctnsnet.com/ Name: cid_e1713912881a4aebaa4c15f958e9254a
Value: 1
.adform.net/ Name: uid
Value: 5971110037465093560
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c4a5227c-927a-4639-8692-e20163c4659a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg1Mjg3Mjc7MjswMjGQk/FA5kl3oSr3umLcS07tFDATlh6/EcifEhnOg0+5mw==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2262:u=1:x=1:i=1648528727:t=1648615127:v=2:sig=AQE_t-uLifkjJz9ZqTZkVi6K1xudYrc3"
.casalemedia.com/ Name: CMPRO
Value: 1116
.turn.com/ Name: uid
Value: 3352060286983397244
.lijit.com/ Name: ljt_reader
Value: 8754594ed3efe6a5056aec7f
.tidaltv.com/ Name: tidal_ttid
Value: dcf89d65-9457-4235-892d-cc2681c295bc
mustsharenews.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%222666c1fb-f4ba-4414-8244-b277cf67c3f8%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-02-28T04%3A38%3A47%22%7D
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA3tDI0sgAAXewRhgkAAAA="
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmJhamRhbmRhZGAGAFWL8FQQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMrK0tLAwMbOwNBTiM9R1zI_0yco1NagwD_QBAKwbI04lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMrK0tLAwMbOwNBTiM9R1zI_0yco1NagwD_SR4jU0M7EwNbIwN7IwMjADAO1LIwQ0AAAA
.3lift.com/ Name: tluid
Value: 3642358105815023776598
.bing.com/ Name: MUID
Value: 0DED41F7417D6EAA0FD9508140166F98
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 366bb77254452964
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.mustsharenews.com/ Name: __gads
Value: ID=6b4267633041b275:T=1648528726:S=ALNI_MalDZQZxnhf1eRcoVXr_2Sr_1fE7A
.doubleclick.net/ Name: IDE
Value: AHWqTUnY6FOcKGWMYlaKp0Wc7uKqx0DohnFoI_xahJYf8AuDeTFRWJEtZ_YPBvrFKx8
.360yield.com/ Name: tuuid
Value: 6a58f056-b292-47a0-82ee-acc787850fd9
.360yield.com/ Name: tuuid_lu
Value: 1648528729
.mathtag.com/ Name: mt_mop
Value: 4:1648528729
.advertising.com/ Name: APID
Value: UP20ba6696-af1a-11ec-900c-06b097fc39c8
.adform.net/ Name: TPC
Value: 1648528729509
.tribalfusion.com/ Name: ANON_ID
Value: alnu7qtZdPufm7SpBnE8uTwEUMuV9ZdQrMs2ZdqvqWboUUBIGMsA2RpVKcWcIZdGoPUDgrZbyZc3m2GoZbeFpAnsEXXir2g70Yf78YmUiepItUk
.mfadsrvr.com/ Name: tuuid
Value: fae8f556-3ccc-47c6-b074-efc69daedc15
.mfadsrvr.com/ Name: c
Value: 1648528729
.bidr.io/ Name: bito
Value: AADQWk7EhRsAADM05_FC3w
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: tuuid_lu
Value: 1648528730
.mfadsrvr.com/ Name: ssh
Value: !triplelift,1648528730
.sportradarserving.com/ Name: zuuid
Value: 2f7fcda1-eb79-4a1d-acd7-1fa01c24031c
.sportradarserving.com/ Name: c
Value: 1648528730
.sportradarserving.com/ Name: zuuid_lu
Value: 1648528730
.w55c.net/ Name: wfivefivec
Value: Eypoixf11Nz3D45
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1648528730
.w55c.net/ Name: matchtriplelift
Value: 5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f9115326-c831-4821-56a2-54779e58d4ec.IJJgAkn7F5yt1L6NaQ5CFVFzjjHa7HGl%2Bbhrb5e6BKU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-RFTJsgxSCFWolR3nljU7NlAlx4.zTVAEcVNwsQ5%2FIks9Nwz4kwr7bT0uWdQNGCJZEpG0sc
.ipredictive.com/ Name: cu
Value: 21249a50-af1a-11ec-9746-d710e3bebab8|1648528730170
.realestate.com.au/ Name: mid
Value: 2677506907952279716
.realestate.com.au/ Name: External
Value: %2FTRIPLELIFT%3D3642358105815023776598%2F_EXP%3D1680064730%2F_exp%3D1680064731
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158497:3
.pubmatic.com/ Name: DPSync3
Value: 1649721600%3A197_219_201%7C1648598400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1649376000%3A63%7C1649808000%3A35%7C1649721600%3A71_81_56_54_161_7_3_8_220_21_13%7C1651104000%3A203%7C1649116800%3A223
.acuityplatform.com/ Name: auid
Value: 659356420806
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjP6jXVzZXJNYXRjaGluZ0lkJK6RbGFzdERyb3BUaW1lTWlsbGlzJQE/dH8DCoKYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBP3R/AwqCj3RoaXJkUGFydHlVc2VySWRVMzY0MjM1ODEwNTgxNTAyMzc3NjU5OPv7hnZlcnNpb27C+w=="
.analytics.yahoo.com/ Name: IDSYNC
Value: "18wq~240s:18z8~240s"
.adfarm1.adition.com/ Name: UserID1
Value: 7080376990466177175
.casalemedia.com/ Name: CMST
Value: YkKNWGJCjVwA
.adsby.bidtheatre.com/ Name: __kuid
Value: 7c6f31ae-13f5-4f36-ad98-b1cf028addec.417742732
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba0d8760-70d9-4139-a078-b5cfeed8774b-003%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: cookie
Value: 2f9bda9ec23d04ae
.onaudience.com/ Name: done_redirects147
Value: 1
.w55c.net/ Name: matchcasale
Value: 5
.quantserve.com/ Name: d
Value: EFABHAHjJYEO-TC_vLEKyb0Q
.pubmatic.com/ Name: SPugT
Value: 1648528730
.adsrvr.org/ Name: TDCPM
Value: CAESGAoJbW9va2llLXBzEgsI-KeNzYHSyDoQBRgBIAEoAjILCLbC6Z2Y0sg6EAU4AVoHeGtzdzlsYWAC
.de17a.com/ Name: guid2
Value: 1.5446892411108895198
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D&KRTB&19420-hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D&KRTB&22979-hcGPb4uXjmqeloJpisCWbdDGj2mewI5shpVTfG1D
.pubmatic.com/ Name: PugT
Value: 1648528732
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENQrpzz44WKAjEFnSyI0CCw&KRTB&16514-CAESENQrpzz44WKAjEFnSyI0CCw&KRTB&23025-CAESENQrpzz44WKAjEFnSyI0CCw
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2467237507975114060&KRTB&23339-2467237507975114060
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:050d6242-8d57-4900-b380-362d6e8120ae&KRTB&16736-uid:050d6242-8d57-4900-b380-362d6e8120ae&KRTB&23019-uid:050d6242-8d57-4900-b380-362d6e8120ae&KRTB&23208-uid:050d6242-8d57-4900-b380-362d6e8120ae
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2666c1fb-f4ba-4414-8244-b277cf67c3f8&KRTB&22918-2666c1fb-f4ba-4414-8244-b277cf67c3f8&KRTB&23031-2666c1fb-f4ba-4414-8244-b277cf67c3f8
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7080376990466177175
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5971110037465093560&KRTB&23263-5971110037465093560
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5446892411108895198
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 189517bc0d56664a
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: f54018147d2022c4ff0b03d4b9e9e81d
.onaudience.com/ Name: done_redirects219
Value: 1
.volvelle.tech/ Name: ouuid
Value: c5f996f7-093f-4a17-a817-258d0bb7ae1f
.volvelle.tech/ Name: c
Value: 1648528732
.volvelle.tech/ Name: ouuid_lu
Value: 1648528732
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 7eacac0a-ee0f-40d8-ac05-58180a0a95b2
beacon.lynx.cognitivlabs.com/ Name: ss
Value: WP4YJMuZkJcn8GOYGMlJZUdnF9U0V5Q4FO%2BPZauvx1rdRzykYhXeICihUJ68lpEEbXUlKMPmoK8h0gCCM9M3VA%3D%3D
.creativecdn.com/ Name: u
Value: diucXp8sRCJd7EXkJGJV
.creativecdn.com/ Name: ts
Value: 1648528732
.casalemedia.com/ Name: CMRUM3
Value: 2f62428d5c05a0&f162428d5c05a0&2d62428d5c2760CAESEN3aOeGRk-LWF34R9NjIziA&e662428d5c2760&5162428d5c2760h4Li1onU49Oc1e_QiIP71NKF4tCcg-PVhNYm8eSR&0862428d5c27607eacac0a-ee0f-40d8-ac05-58180a0a95b2&c462428d5c05a0&2762428d5c0b40
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-31d00b96-3422-48c5-b78f-eda5aecddcf4
.zeotap.com/ Name: zc
Value: 643f6c17-9938-4b19-7649-937c3f4ccdbb
.zeotap.com/ Name: zsc
Value: 9%7B%18%0Cl%EC%82%F9%F6%E5J%C7%B0%5C%C5%D1%AD%F0%CA%D3%BD%199%0A%60%60r%3A7%08%EF%AD%AD~%87%D9%3B8%B4q%9E%E8%E7Ns%AE%D5%22%0D%3A%97%1D%D2%17T%CBl%A4Wr3%CB%EF.%A8J%D3%83Y%98_%9D%5E%8A%9BT%5B%9A%C1V%FC%BB%D0

18 Console Messages

Source Level URL
Text
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js(Line 135)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_gid=CAESEAGr8wpynBGF4snwrrA_r78&google_cver=1&google_push=AYg5qPIG7hoxXX3s4To9EmW1Lst9fuMpLIO65dmveawbSh2dgV9X4TrMbvWublpJkn2Q4kdadSW-uyoG6_IZdK_3ibi1i2jQXvw
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEK6JzhqfoTzClnqLKLoOiJU&google_push=AYg5qPIEmMYkt2pMGdy7CMadjGaB3f07C_-_QeHnWstcaafLvwnVCVF8iibn_j253WicQoRkxN3erFKbG7YXhNoYM-KrtvHl7E2a
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3642358105815023776598
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3642358105815023776598
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_push=AYg5qPLnccJv9ucj3lsdAQXTj3gopYk3GwnRRYpWsID7fc2A1gaSTa7gFJwYyM2GjeMYgKR2M7IZ3jFLfhBP16Ie6PEE2SN583O8&google_cver=1&google_gid=CAESEPviqOyl4j4FzuW0sSJn1jQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=aljwVrKSR6CC7qzHh4UP2Q&google_push=AYg5qPK-hwMYn4DQRDc1Ar2L3jmByMgRAin3ds1A69csD_g2oaZ3IojIDbhEFs2QC2sEwAPYp4WcCb2wewMc1XPy2r8eq4y-lik
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkKNV79poFf3MCPgFLG1-wAABFwAAAIB&google_cver=1&google_gid=CAESEHKdjVvu-_PF2jkEkGfI9r8&google_push=AYg5qPIg1wS9WsjQZ3YbJ50BwNdVPr0zCSS6DonBscr-SbInbu2T_Rxe8X-se9fMf2UEfWs8SCCD1EgZ5NU2qFHVsIVJct_Ob0GX
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31ec487a3efeaae96be4808ca5584a09.safeframe.googlesyndication.com
a.tribalfusion.com
a.volvelle.tech
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adasia-d.openx.net
adnetwork.adasiaholdings.com
ads.eu.criteo.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
anymind360.com
ap.lijit.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c.bing.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
ced.sascdn.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
de1-bid.adsrvr.org
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.moatads.com
ghent-aws-fr.bidswitch.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hal90004.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mb.moatads.com
metrics.getrockerbox.com
mug.criteo.com
mustsharenews.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg.smartadserver.com
px.ads.linkedin.com
px.moatads.com
r.turn.com
rtb.adentifi.com
rtb.fr.eu.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
sasinator.realestate.com.au
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
sportradarserving.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us.creativecdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.storygize.net
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
track.adform.net
104.21.58.221
13.248.245.213
138.201.63.116
142.250.181.226
142.250.185.230
142.250.186.66
143.204.98.28
143.204.98.56
151.101.1.108
151.101.2.49
154.59.122.79
159.122.14.34
169.197.150.8
178.162.133.149
178.250.0.162
178.250.2.146
178.250.2.148
178.250.2.151
178.62.202.251
18.156.0.31
18.168.215.250
18.184.108.74
18.194.56.109
18.196.142.162
185.184.10.30
185.29.134.244
185.29.134.245
185.33.221.52
185.33.221.88
185.64.189.112
185.64.190.80
185.64.190.81
185.86.137.122
185.86.138.16
192.0.76.3
192.0.77.2
192.132.33.46
193.0.160.128
198.148.27.140
198.47.127.19
198.47.127.20
2.18.233.180
2.18.233.201
2.18.234.21
2.18.235.40
2.18.235.93
2.21.20.197
2001:678:cb4:bbbb::11
209.54.180.144
213.155.156.183
213.19.147.44
23.205.235.133
23.32.59.34
23.88.75.189
2602:803:c004:200::141
2606:4700:10::6816:1957
2606:4700:20::ac43:49fe
2606:4700::6810:5514
2606:4700::6812:d05
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::645
2a05:d018:24:b002:fd0c:6a07:bd55:e3a8
2a05:d018:d29:3601:d472:fadb:5355:a85e
3.104.87.238
3.123.205.63
3.124.17.200
3.228.229.208
3.233.223.17
3.33.220.150
3.65.16.69
34.107.148.139
34.193.68.63
34.98.64.218
34.98.67.61
35.156.221.172
35.186.193.173
35.210.178.101
35.227.252.103
35.244.174.68
37.157.5.142
37.157.6.236
37.157.6.253
44.200.208.73
46.4.10.47
47.74.174.177
50.31.142.127
51.178.20.139
51.210.112.63
51.75.86.98
51.89.7.110
52.19.104.156
52.30.140.199
52.31.243.45
52.34.128.225
52.94.222.140
54.163.96.140
66.155.71.150
69.173.144.138
69.173.144.139
72.251.249.14
76.223.26.175
78.46.90.238
85.114.159.93
001f04b6bcc2dfe221c9d9c58278ad907ab8aee7faa83a9e5ac9cbd66b38a644
0071fd6b2bd57ac47bfefa8744308f8fb5367192a787bb3ddca9c48e51ff3545
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0311cb561c98f3f007799d1b1031febf9ad720ff2b750bc3d67b06f16e693e2a
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0451eb057f839276787041ff6afa9e97d2d815f21d46c22dfb3222bcc04956c5
0458df465ed91976d098c684ee1ece072857ec798dfa003f2d66f2702c8bf562
0470e95f409786ee169149e6329c2c279ba31d169c3dbe8a1511f7c69487f535
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
05a93afae8ef6f876d236971d06417d95d6c3d33b9d90c7778e7077e374ae35d
0746aa0afb2c133deb583b50dbde1ea6bef2b5371006723f7304f8dc5a11ad23
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b26aba82da1d312d1dbc9358d949d7c63465f31da706b44aa0394f6bc70c0c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c8ab0c6681a22d510d8c160fd774a5e290a50c77fd0d2008b7e3bbcb0625ee5
0ca392c46c706c47f0950f668c927c6d55fd4342aad0768a8c796c9dce7ae711
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ee12b93ba50a11840fa569d1a4d299a2a044b0c4e16adc69e769c5846c22daa
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0fb6b4da6262188e5bf45853e853278c4d541f441989fb6e24705475df659e23
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12445a0d098355ffd32c73170f54f3c33aaa46a791a4394b6d78d3cd03bc2179
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b602ead2a1b4f31efca9627e70bcbb98eb1b2287e04f3eb933d4a62aacfd51
177d03a93d5bcfcf091484b3da03592467931ab06aa64492c229c3b7e293470b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cd233467a75888451664a287c08f90ad1b663abd46a53455b24f0995c566264
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d41e4f089994546bbba0aeaef99c55af939b923fdfa1715b1a81b57c5e7dd6e
1f750129834af320d22fa79e2d8acc2240f2cc151c13f529cf058eb9d5764724
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20984c6e2cb9dd194165cc3dcc76df70588f5bc0a224f5a8eac3f3ec2160d76a
20b40eb0180e01e389b252c7ea71410958e9e6243d2b8537a5c87678c8f17ca6
21066dd1052a0cc3cc6d40e20caadba8f798380d59166e9b5ea75f4a859a472c
22c96bdb3d49a5bea2f1650d38d6b96e6a7a5fc99046178a57b15594e0d44514
22d020772d4885ac0ed5f7913304e8eb6e161eb32d3cc658e725959a0955a79e
231efb84a7d22946f1ab6a9b6da868dd6db754a53452ded803f6222eca24122a
2486a6cdf1597ce98cf07b9a39284472d19c2b75209ddcf960b635fa03b09376
2596babe09691d05a9a4ddf8fa424a1b47966d920aafbcfe1f762784c219528e
2643db9279e776408de903690d776978dd2c2fb82a1c0e6e9beb34cea3acd9ad
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
27847522718bbb814ccec374aa507bdf1777a98b2bf451ad33b23c4ce0c5ef69
287831b22c921f42f02cd1dc601ab687fdf107965233699abd72f4df3b7cb0b2
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
29d34a847c6d47d4f6f0b8f6df62a41cbad3f3d0c24d67830b7ae49df34dd5bc
2a5379b56f8880bf1b899229b54c7f7f22ad52cf5f422898728507d1f4b65bee
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c46eb0b5f03a7abb03d4c8727bcff2dea9fbf083f80b600031394d77a708564
2da5d05d435b77b219df533e65470640a14a029923fca081f970e8f84bab77f5
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f98203900631a678741dbe706f11050e1101a9239581b3edde285af6728ee9a
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
325e6a7b68748a169ffb84eef16a6aa2042e2fd8ee1819a61c7a5fb399ba5e54
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36b61b0bf0a254bae70f1fa3b46ad701c826505cfb3218cbb6f44d79c282ca03
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
37ae0e5ace2ec8066810439183d348223decdd4b54dd943956c7b220d1a647af
37f93f6690824193907dee75febefdfa4c67b30f415cbace49440f37980963cb
38901dc7deb0f1152f37944c47ec398a21ebd0f025c8b488adb91b57cf925482
38c3867a05bb09eb21b66966afa7a8651a22781ce63d09cf362a697d543562cf
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d0ec795e7ee3a78ccb490c844461fa29ba6efd036ffb97691928268321e35d5
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41145ced93f800ad1b0345872a1e51275073a3cd9bc607d4d940d05454d87ef6
41c00d3a9de81abc6d454395f4b79c38014e46064f5bf6fccf495d9b385510cc
41c9b724c00dba4554fa04b5637b2fec7b9067f208d11a974cbc4dd608de787d
448cedfc3027af5a97cb35afd354c8aa47fa14b348e66228572aff751051ffdb
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
470c5074c671f376d6f3ac789824ebf538f6188ae517f8495696d11d0ad351b5
47d95f1c3b542e1288615cf7ae6ae57dd0d35f69e9337ff2198063837de5b24c
487035222e45ddc9ede9ac4bd354db3263c24097e7e7796683fc1c5fd7efedfb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a85c1327a8b90e815c921c5e8d5a2575066841e088a4d21dcf5ca95376ef14
48bee65ff86530c82cd215a4024d547a6d252f7df579b938e821a65e9d4d03bb
4b90b383e486a8ccefe049feb886451043085f53df574c9947e59bad772eca5d
4be624c6915035ad35c909f2470e9002f2f81b6b719b991f3bfc32386e3bc6ea
4c61f7f5ce76a7f1becbac5015791c55c77b5101be0f6421f4d06e74ccd5fbe8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f8da3c5853e586acc9373a8d674ca69a6438bc38afe8c5f6096905d923d9674
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5083f81de3f6b142f6ece9933a02c3b52b2cf4e7b57c3aa3fb7584950459f4ee
5408ab3994b4585eae83c683fbeda980495a02460979f13c2fec6a28e1d13097
5454635db936cb67ed5144ac60bcea08201973a06e96b31f196578d2ef21b3a9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55243e8ee850fcc3ba913136b7fd6fdb9b44ca42e473f5a6c5e47df0bb76f1cb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5648794ce3e2f5b2c5f1bfc4ec4a80aaa4784e4183765c68587b0f3ac0800808
5a6ad3591cb930c5dbf80b6133e778a96c776dbb2888c5e211fa21496fdb763a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e089139fe4b3ea9eb5935d47116ee201051084aa328f2162797c90c94f7916e
600b5169e32abd297660c3a3dcdc4c178cb2fde5dd90d7444920090abd9c9c85
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ca8ae47824358ce0a1806051d30aef04b47a8562545985ca94ec7d4b3cdb45
6423be11726e1e0b4634c6eff293988080151402a0b5fa202b0d3ba768053261
665db8da710870a5f2aba0043d079d1f89b9d7521939f19ff09871c21e6a4203
66e6fad9e5ec87bcda3f169e68173f0d99c792ec94f8586d7df8a4edb540d1e5
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6200283c26910adba5aa53c3e1dc4f6ca0baa54b522c636e9bcf608fb77284
6bf42dd1ff60e1321d40af8fd7bade8e714dd3d582d90a0fe15d1cf6fde5d65e
6c438a8869058234d2aede95340b03a8b61621628104c289776f59391fb97e24
6c94c1fdf97052265c8a11d46b749c01ad62d34e8ae33e7c6fd63d284fc8ad89
6fc31c8520b164f7342ea7ac94546b949eb5b2cb1b1c3728b8e495d77e2bef40
732f04de75bbcd02ab0a582ecd6c060d923c421ee007549fb8bc5b079da64254
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
73b76b2df4b5c17bb821b7d35a73bb35c2f0a2d3242042898af129b5d5638678
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9
7717c168fd31fdf0d2570a034cf1f419648556b8bbe9e081788df0f4e0fa60ad
781b0aebb68349b18b83b4e19968ee2e54f02c5ec8a83af982d3a30e3635cd27
7aa4991e4225151b3e5ec5d9b58651c46f859bc0731bf5c567fab4bcc3db1753
7b23fc5e72718d0c0530cbd5615086f14faa50add43fbb1039a9fe742ce62abe
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c607a5916fd05f9012c1a9c6be0871fa1c098d53c124959c01ed3b48c45c051
815564293529e8a1273e2d86754ea536392b6bfa1e9d98dadd708d3268e30c21
8187ce6268c7ec4b13ff2b76ca711cbd3d2bb080ed02b126f533c9d1a8307939
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84dfad548b325ebf2104ef5c98e43ca23cc8b670338301dd75034d5471609b3e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8912a98f5b1d3524642af2cce432800de245dcf0ee182c20a9408959a52cf28f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0b50970cafca56cb8591d8f0752fd06d3eb749b83ab20603eb6d13b261faa0
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7af0ffc3de156a3ebc7a029ad4e2866bacca70b6858e1f09096e3eb9143ddf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8f9cda0e578b3f585ceae7e20152414eebfb9b665140382479f9f7d082e8bd9d
8fbb6ac2042370cd1852813ccf8cc97aa9029eeb074ffd9509eeca2c123690aa
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
948fac7b2c2f4db785fa7da56552f17d94677e7e2eadc004f30fa79935c8df74
96314d02d76191e51edcab9bc6aaf688309d74d5c85b89cd694eba351029a400
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97d229cd97fec32a7c787a729642cfc14bfcd8963c84e00ca42d72d6dcc01221
98984a492a58345f2c950df5aa59441aa7c6e3bac7f7e06b9b3e69badacd57a4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4e1114258ebc7c5d03787c93a4f65c74ab07805b33a2cd06064e9ac81144ba
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad1bb44af5999c63ca2cb0cc07b90c55f3f4752a55578ff5fb7e2e953161e61
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9c39dd70f9f883200177546ecf0bae2824c4ccf23760de5d1bc5ab0c24f5b960
9d4a703bde8f0c4cd98017b707d1e36105a265d24e752739251b5d6541324b7d
9f659d4f475b2146d4bcf985a957276a490c80ae36e3a1c6fc12a914fe38db3a
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20d446986dff7b1312a464a9717b65881211aad446d4ad1bcc4c0044909b3b6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81c8160b5d559bce449cdee1e6080a69244700eb6e4682d8905fdb738f97231
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0d05b0d0b3a46304d710a7457a57a93b6b48aa78163797650508b9090ed76cc
b0e5d4a0c56f2d100d4e4d5a8de61e5388ec801b5c914b8361b4a9ff8b9a8dd0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ee08a533b056346608022754c50e8f5abbd070652da7346b7d1c832f7a9f7d
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8ae8c6137098bbcd9e4fc58e47bf5f17cf499edacc9331ecad16b00784622d8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
bf7c39b1c04634e6ce785fdab6a4fb5708859c05afb6248d2803cfe5372f6f28
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22e801148939673da59909834ef2cbd09855ab48ecfc7ee3e501bd25eec0102
c47e3277e17f3fddae257e83adced71ea8eed89e4f58db09a7b34ce79ca035a9
c58ed6de66e7106cd4b0da9734f860afe7c4c65e73fd77da72cff572c5a312cd
c888ee94c1091a6d462433d7e5c71b872d53992983459bab21ada8d50efae413
c9f9937a2798feb904cb24d69529e2e92570e92cfc9098a07605350c860fd376
cac510e3034de611e3984c257e921899a889dec8f4dab7d19a1e52d1b076f6ae
cb1f43c37874f6fe8beff14fe22fbd55f89d279dc38b775c83e21f9e70d85b28
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccaa51271b339a3d0f1c244e679e062d2664aa1db8b42ccec98f8fcfca18d16b
cccf30038abcbf4d0d612fc493c5bcd879dd1dd585ff7b3c7ca7295e73671da8
cd4546cfc562b8dfb834b74e46ccd0f78bf0ab7ee91ff7dc715c4e0208cb640c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c1183003782a33b7a337ba76ca6f8f6413ede8d62210a01f16ccc5b0b6ef5
d10d79994ff724ed3166b1c3d95970dbf2a9e804a0af768dbc971d011b153c15
d1a0487fea35c3fd612d68397ae5c95e4b93cf09945d4378b45644d6282eaa9e
d2aafd9792387807d3b2f2ba08b7df604c75cad6a5ae98d4c999fe0ed4100871
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d35372eb43dde22c2b729cfd13376c853c0a44d60a478ac5167e57f8b7a4952d
d395e7816229e9d1fa1ab546e60a3c10dbb468140237d2ecc9f56c45d9db55ae
d6056da865e712186f2e3fed4c7a56f44af79f9f8054bae79f9fa2ada330e454
d84c0e03d446c926315d2fe2c4e4ddf9b71f77a93a7ccb1bf26a840d9dd4e975
d9756487f8cbdc94ffb89ad58d7655f26601912691b0e8723c51182ed57af5e9
daa9346d4445de08b9e12c573d88ec23c986a390c018b46bc2d0286ae4922b22
dc6d4eb355a1e1f25f698a0256f6a4635b89ecaaf26625af53aa56f03b6081b3
dc7713d7d03081a28ce08ae4e2c56c39a5ef1effdff8d0dd2f5b013c5d4cb59d
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dd7f1b6aab24a52fd2bd5fa9ea76a98dc355a7d85a1b9228eb2734b198aea8b6
ddcc88ba55f3d661ea4985d80d7cf93e64e35aba587d7f41b9fbbb82340d9f7c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
e0f0e7fcd7d036c0673352fa175fa17ec4cb8582fab0b490ab81887f02afbe09
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e19c02593bec327bbce793af8496d34733c2dd0dea00f55451094b56b509f142
e1c61f28734e85a36c41679e6ab0759d6c05f471f03c1a2ab29b542036f2b0bb
e26b9ec3d39953c018a5696e13aa3c4f40db07104e140d24782b601cdd463d86
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ecac81bed7e5fdbcd9b8d8caf945748cf52ec470f69451828579b97c29b78e
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e94f9bd95f45eaa53082fef37888ac8e26ac23858d1d92da1d4f762943a7dd70
ea728d33fb1fc2f8f694f341e6edc6ad0679e0509d3d702fa1abd11059ea4719
eb03b63f7cebd439c060cb565d2405c43cd94a185ef36f70e64891a13fc73ddd
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec81b7c067d9329f867aaba45fbd6f41f71df292964bc54116bb6825195d93c3
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed7e381673b83dd992d4654c3443aa68bf4768e8a5eaf5568055262846d93b58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f189ae9b842cd0818802f9d7b6f5ab37ffae60ad41385bb03e6c5b459a3c0b30
f2116afe23c229e57e1c07df9a5ebe8f92ddc13af3d9d945f646c4e68b1e5984
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3366bbeb603eae5ca619e79b677a23d4e20cc524995ae2ed66cbb358f4aaa65
f39fdb2fac6dbedc00c217fd646b40803e789faa4c42130b9870ce6c8802114d
f3a0d186e152bbeeb7b23ff5a10baa2b10213413dd9b762e5398fe0108b2230e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4831b445e7c4ec9281c513dba7e882e402baed0a75374e94370c6f5757f2e44
f550edcd8ddd3406cf76d5043489a7344ba8fac4a51a2e13bdd6eaeca5629369
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f9e787c9d70e0c965c4443b288ca75dfed1d883fc3d9bbde05accb94e8c179c4
fa85cd1b726221107fff7f87c414ae54cea1470f8e7d76434b918754d1db1ac5
fa9bc9f1fb1903f53ce6f4e8911eb5b5e684fb280667c9d5f778bb269f9e9d54
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fc0daf43c2398393b4b614f18d2f739c22d6f99cffbd2516ffbe23e6f294470c
fe25ea6af2dad0fc8ea30f81dee286b5985beb3bfba3af48a4990420ffbbc97e
fe5b82edf4409221825ffd8c85eb55844234713d72bc96894dd36a842a1e155a
fe693718caee42a00814b122bc3ad7b98d4432004522755e808d1c273a8ca0de
fed32a82c107a9c4ba81d67f00e6010857397349d45f131d9aef7321e6ba5b72
ff4832891f440eef69f6db3572ef7fc3e69f6635bf0d56af126b3930c0a5070e
ff91319a15480671e00ede786d29ccc0e5c03abf19687b87f75234750f400718
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc