cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:2bc5  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDWHgJqHvBTwBzha14TdEhg&google_cver=1&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iCFLka7wlp7nXB_uA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iCFLka7wlp7nXB_uA

Request Chain 52

• https://a.tribalfusion.com/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 54

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_cver=1&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzWbFFqKWgsf2QquXPIJQrFP-NW3gcAhrYT0NVwm334mJhBAZFT5NDq-PIhmfSsG4rEqse HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzWbFFqKWgsf2QquXPIJQrFP-NW3gcAhrYT0NVwm334mJhBAZFT5NDq-PIhmfSsG4rEqse&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_hm=Y6WD_CEPJ0SvpZ_sBMTw3QAABJQAAAIB&google_nid=index&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzWbFFqKWgsf2QquXPIJQrFP-NW3gcAhrYT0NVwm334mJhBAZFT5NDq-PIhmfSsG4rEqse

Request Chain 55

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGuwvz9x7F_7KqFWPEMaO9Y&google_cver=1&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_CtCapc HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_CtCapc&google_gid=CAESEGuwvz9x7F_7KqFWPEMaO9Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MDQ3MjM5MjUwNjUxOTE4NDY3Ng%3D%3D&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_CtCapc

Request Chain 56

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMmahQL_ciNhv8tZTzP6AV8&google_cver=1&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKAe0HJ-IsTAZfcMX30-jyhoaLGdLhTaI HTTP 302
• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMmahQL_ciNhv8tZTzP6AV8&google_cver=1&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKAe0HJ-IsTAZfcMX30-jyhoaLGdLhTaI&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TeGNFNzBkRTJ1R0Vxd1JfRVFCMVZndGNnOHJuV3I5aX5B&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKAe0HJ-IsTAZfcMX30-jyhoaLGdLhTaI

Request Chain 57

• https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNND1glwHSh0Aku47mp3uI&google_cver=1&google_push=AavPq0PUoHs4UTeCDPYl6VdR_ccEBQgtUM1fsrSGXNxkMwUqTSB9QsmzPG7dgSgNpbXNPXzhPHwRbQIiU4utSvfyWhouGt-d6GLCVXZH HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PUoHs4UTeCDPYl6VdR_ccEBQgtUM1fsrSGXNxkMwUqTSB9QsmzPG7dgSgNpbXNPXzhPHwRbQIiU4utSvfyWhouGt-d6GLCVXZH HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 108

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOojbNhONfA-9-Tz8kYRQ90&google_cver=1&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQNNT1ZUQVAbqiIILc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=PRFjpYP8QgCblDIN76DUrQ&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQNNT1ZUQVAbqiIILc

Request Chain 109

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMPgwXM2tYtBFMNyLueP8HI&google_cver=1&google_push=AavPq0N_8HdaQOx2KvjLeT_uLCLdqbSMhPEqjxVmLk2Z7V4RNfgqqPv_1MD_iqfKQSV2YDr978H21oem5mRFXpiE9OUwWKQ_3xn_idw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMPgwXM2tYtBFMNyLueP8HI&google_push=AavPq0N_8HdaQOx2KvjLeT_uLCLdqbSMhPEqjxVmLk2Z7V4RNfgqqPv_1MD_iqfKQSV2YDr978H21oem5mRFXpiE9OUwWKQ_3xn_idw

Request Chain 110

• https://um.simpli.fi/gp_match?google_gid=CAESEKOfDcPgxjqOT1D__dGA9fQ&google_cver=1&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn43OGYjPOzXKu9yzlU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=89D10149E4804D5EA8FFC5174ECEDEBF&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn43OGYjPOzXKu9yzlU

Request Chain 112

• https://ads.travelaudience.com/google_pixel?google_gid=CAESELvG4ZKC4ff8zgxZdwpanWA&google_cver=1&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lLcSNMZajoaG2EHw HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Yf1btWyrQvuf0hgI_0ABJA2&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lLcSNMZajoaG2EHw

Request Chain 113

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr3w_qJfN2396lYlK_-jTI&google_cver=1&google_push=AavPq0OnJ5D51CV8X8MxjfSun0X0vozAnfFHlauAPb8TXmsuiSVdHAVF4I9a2Ig_CZStKJgCWVywVOS8s80gw_L30jxQjZ53dBjWPw HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENr3w_qJfN2396lYlK_-jTI&google_cver=1&google_push=AavPq0OnJ5D51CV8X8MxjfSun0X0vozAnfFHlauAPb8TXmsuiSVdHAVF4I9a2Ig_CZStKJgCWVywVOS8s80gw_L30jxQjZ53dBjWPw&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdC4ZW_VRMGtVIkjopwThQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OnJ5D51CV8X8MxjfSun0X0vozAnfFHlauAPb8TXmsuiSVdHAVF4I9a2Ig_CZStKJgCWVywVOS8s80gw_L30jxQjZ53dBjWPw

Request Chain 119

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempOPdqoUKYaG-PUloLonh6INaM HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempOPdqoUKYaG-PUloLonh6INaM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMzODA5OTg5OTE5NTEwNDQzOA&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempOPdqoUKYaG-PUloLonh6INaM

Request Chain 120

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP5JhUD9dr-aDDb6CJ7UumY&google_cver=1&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4 HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP5JhUD9dr-aDDb6CJ7UumY&google_cver=1&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4&google_hm=F3RZpGZHZH1YsU8cRaWL73bA

Request Chain 121

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEV4A53bn5I6BQKNUsVk8sU&google_cver=1&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2aMMkJo9bHGM_Sk08 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2aMMkJo9bHGM_Sk08

Request Chain 122

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKOw8f8qafHEbEz1pLOsxNU&google_cver=1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671791612856 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-a36fb76b-37f2-4ac1-ba83-68d03c6c880d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g%26google_hm%3DA6Nvt2s38krBuoNo0DxsiA0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&google_hm=A6Nvt2s38krBuoNo0DxsiA0

Request Chain 123

• https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKw-dH5fwWL5oAg4D2ek1fc&google_cver=1&google_push=AavPq0NmbIqPuBSr71EDqSizolAhUyZIujNhp3tGDPboUFtLmxxZdzgwTtWwkx8oxlPMMmed-5w7z5qDYiYKiTHtm63HmIJ1cXZVhGg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NmbIqPuBSr71EDqSizolAhUyZIujNhp3tGDPboUFtLmxxZdzgwTtWwkx8oxlPMMmed-5w7z5qDYiYKiTHtm63HmIJ1cXZVhGg HTTP 302
• https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 128

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK0bCCK7gN1GgYjMi9X1S5Y&google_cver=1&google_push=AavPq0OpzmDTdIrfore0mFIcNlgVum4PYD1mMDqcZ0I8D2f6_akQTOFEWYT697yYs_X5oDCRfVUCTHyYY9C6Qzy9qksG0US0VlXmJy1N HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM2OTYyNTkyNjQyMTYyNzI0NA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKa-ooRgpUo_agG-wxuEklc&google_cver=1

Request Chain 130

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs3wAum8vR8lmO7w4VsO-bCDRA-mWHoIy4vCsITScS-ZSFc-VDGoBY64Jv8 HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs3wAum8vR8lmO7w4VsO-bCDRA-mWHoIy4vCsITScS-ZSFc-VDGoBY64Jv8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzVpRklEVjMxUDhGbVE1&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs3wAum8vR8lmO7w4VsO-bCDRA-mWHoIy4vCsITScS-ZSFc-VDGoBY64Jv8

Request Chain 132

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVWqtroUGTMuwh9iYpuxS9TVHKl HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVWqtroUGTMuwh9iYpuxS9TVHKl HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc0NzUwNjkzMDQxOTA0NDUyNg&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVWqtroUGTMuwh9iYpuxS9TVHKl

Request Chain 134

• https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENX9pjZPs2PsTbj0CXEf8Vo&google_cver=1&google_push=AavPq0PJ9ItRWI1vTou7CIca8zZRcW-1xi95V2bKin5m9kd8xq7zeAR1LmvD6pDgzu686c9hiX-1y9kF9Z__gJtXxWGonPYkubqX0YTrww HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PJ9ItRWI1vTou7CIca8zZRcW-1xi95V2bKin5m9kd8xq7zeAR1LmvD6pDgzu686c9hiX-1y9kF9Z__gJtXxWGonPYkubqX0YTrww HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 145

• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPS9-InFj_wCFZyXdwodLsQIzQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
• https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 148

• https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKTB-InFj_wCFRnFdwodlTQLEg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
• https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
• https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
• https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122311333379764916041X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 151

• https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.conrad.de/ztpv.php?awc=11354_412871_1671791613_3ff5f471-82ad-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 157

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMXC-InFj_wCFduE_QcdWwADaw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671791613_400efab0-82ad-11ed-b703-22303eeb12d1

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cybernews.com/news/punisher-ransomware-covid-app/	124 KB 28 KB	717ms 626ms	Document text/html	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4612438ff223ad9006e3151b2959058150bedb11a665c4cd8191f3cec3a1ae6e Security Headers Name Value Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=14400 cf-cache-status MISS cf-ray 77e0707e5efc9bc5-FRA content-encoding br content-security-policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset=UTF-8 ct-content-bucket News ct-content-type Editorial date Fri, 23 Dec 2022 10:33:31 GMT expires Fri, 23 Dec 2022 14:33:31 GMT last-modified Thu, 22 Dec 2022 14:07:42 GMT referrer-policy no-referrer server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	157ms 63ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1539 etag W/"ae63ef8ff03da61fffaa7f165729897a" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 77e07082ea5d8fe6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 26 Dec 2022 10:33:31 GMT
GET H2	200	base-9bd202b6a2.js Show response cybernews.com/js/	23 KB 9 KB	82ms 81ms	Script application/javascript	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cybernews.com/js/base-9bd202b6a2.js Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5f63e271056ce6a47a22f4676897b74e5b67f8f8244cc49a07a9a6dd6d256e4 Security Headers Name Value Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br content-security-policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; age 4119 cf-polished origSize=23850 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 19 Dec 2022 10:22:19 GMT cf-bgj minify server cloudflare etag W/"63a03b5b-5d2a" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=14400 cf-ray 77e070825f689bc5-FRA expires Fri, 23 Dec 2022 14:33:31 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 49 KB	167ms 83ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3306bffe7050123c4c22e3a8c2e691453236c3bcb586d80a1ea3bad7e03d02d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://cybernews.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49315 x-xss-protection 0 server cafe etag 10270310860921899297 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 23 Dec 2022 10:33:31 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	233 KB 81 KB	135ms 51ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b9ed4d0c8131701e7e0b76b7a6253659e3924cec91187270266a6f56a0fa4ba8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 82621 x-xss-protection 0 last-modified Fri, 23 Dec 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 23 Dec 2022 10:33:31 GMT
GET DATA	200 OK	truncated /	61 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 34a9b8c3e6088d42a01e3cf800492030fe7432bc24fa9f6ce83e8471f4ab58b2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	61 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6976b1e225d48e5e0097d79498a99fc73f8b43cd4b693080aa5f6960e1ce50e4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	61 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f290a3a287182664a81ea150c04e7d1a451f1bf74f6738b43d382e3d40d98002 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	63 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 60ad116ae1e0c852d421942d4bc1d98305c8ed70437e69dcfa77583a656f2294 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	63 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	62 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	hqdefault.jpg img.youtube.com/vi/VFFgw0UOnQE/ Frame 5CC7	39 KB 40 KB	160ms 50ms	Image image/jpeg	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://img.youtube.com/vi/VFFgw0UOnQE/hqdefault.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1837264e456cd520150142333437128e98ae1d64c4ed225f2fe26ef07f1b9b7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40070 x-xss-protection 0 server sffe etag "1669405379" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 23 Dec 2022 12:33:31 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	173ms 50ms	Script text/javascript	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 23 Dec 2022 10:27:21 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 370 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Fri, 23 Dec 2022 12:27:21 GMT
GET H2	200	Jurgita_1.jpg media.cybernews.com/images/124w/2022/11/	2 KB 3 KB	83ms 68ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/124w/2022/11/Jurgita_1.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e60531e9fd368ea44f9e6433b24c855549e84c81b27558014b1867cf3ef84d92 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2473 cf-resized internal=ok/m q=0 n=41 c=2+85 v=2022.12.3 l=2473 last-modified Wed, 30 Nov 2022 13:46:24 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cfzPoP9syVqMFafLzrztKVRMFwu8a78mnQ6fWd3Ow7DQ:63e1c459d548d27b3a552c51733cb41e" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308d89bc5-FRA
GET H2	200	COVIDtrackingapps.jpg media.cybernews.com/images/750w/2022/11/	76 KB 76 KB	2062ms 2047ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/750w/2022/11/COVIDtrackingapps.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a25c6e99dd7fb25b5281b8d551f8613a1e0c8c4b3b1914dc317d187a75a824a7 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 277271973696874a01ff55ed7a25a37c.cloudfront.net (CloudFront) cf-cache-status MISS x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77529 cf-resized internal=ok/m q=0 n=854 c=11+1090 v=2022.12.7 l=77529 last-modified Mon, 28 Nov 2022 09:31:57 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cfH3wF_GdW7ZH8aLldX15oN44Lu5KfpxHRw9djGO55DQ:2740d3a71baa5ee68361838d575698c9" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308db9bc5-FRA
GET H2	200	Yakubetslamborghini.jpg media.cybernews.com/images/thumbnail/2022/12/	23 KB 23 KB	107ms 92ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/thumbnail/2022/12/Yakubetslamborghini.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3159c0b3cae95cbb0e048239c1d3881e9147e45cc56c301528235367ed63c057 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 830686c9072da9151c60c7f203fc4a34.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23081 cf-resized internal=ok/h q=0 n=12 c=6+106 v=2022.12.7 l=23081 last-modified Thu, 08 Dec 2022 10:31:48 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cfP1-CMsTMQVm6_g960Wjkj5FgPri99XVCPD58WiJxDQ:25c10d8c79941643dc00980fa3f7bb92" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308e19bc5-FRA
GET H2	200	Skinwhiteningproductapp.jpg media.cybernews.com/images/thumbnail_small/2022/12/	2 KB 2 KB	83ms 68ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/thumbnail_small/2022/12/Skinwhiteningproductapp.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28d247cda2c18d104d3c0a81415ba4512d20afc65ac7317573318ddecab2d67f Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2133 cf-resized internal=ok/h q=0 n=26 c=3+55 v=2022.12.7 l=2133 last-modified Thu, 15 Dec 2022 13:41:39 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cf_qB26bQhOSNzkggOi43xHU1T8iFZYhIqdjUqgfspDQ:b6f7f9de7eb884e7290febf50ff98a12" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308de9bc5-FRA
GET H2	200	russia-smokescreen-hacker.jpg media.cybernews.com/images/thumbnail_small/2022/12/	3 KB 3 KB	81ms 66ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/thumbnail_small/2022/12/russia-smokescreen-hacker.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4c2fff0a3d8e9cd487a275298ebe182475b2b390f9a8a4f3ef766d56e0b7131 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 a0e6061772061e71095adafcf8e4654c.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3034 cf-resized internal=ok/h q=0 n=11 c=4+80 v=2022.12.3 l=3034 last-modified Mon, 19 Dec 2022 13:00:12 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cfHvGyMgI0SMd3M3wm1Mk2_bVp8iFZYhIqdjUqgfspDQ:eba5a6fa2a21941ebf7e18cbbf68e202" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308df9bc5-FRA
GET H2	200	muks-profile-twitter.jpg media.cybernews.com/images/thumbnail_small/2022/12/	2 KB 2 KB	86ms 71ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/thumbnail_small/2022/12/muks-profile-twitter.jpg Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 959bc92c3674a2e631f7ab7f1aa7d468dc10dadfb5b11b136672f02bf926c5a4 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1983 cf-resized internal=ok/h q=0 n=237 c=5+108 v=2022.12.3 l=1983 last-modified Thu, 15 Dec 2022 12:51:36 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cfT3l2MAcZywT24bppy4b9N0sE8iFZYhIqdjUqgfspDQ:7fe3be6bb78658766016eb09177b0986" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e0708308da9bc5-FRA
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	283 KB 68 KB	94ms 55ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1539 etag W/"2f96824aee4bf927e734cc519e3e726d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 77e070839b3b9bbf-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 26 Dec 2022 10:33:31 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/	2 KB 1 KB	166ms 83ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1671791611488&cv=11&fst=1671791611488&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&tiba=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&auid=143841002.1671791611&uaw=0&data=contentBucket%3DNews%3BcontentType%3DEditorial&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7b096c42b299a55dc33460ccfbe31261a0fce87049a346b8d9b2c80f4869bb86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 952 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	219 KB 76 KB	122ms 47ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a2e5e9fa6bf4943570ab5791e931b2db4217ad730f4ee8fbccbc8b5c08335e4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77508 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 23 Dec 2022 10:33:31 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/	356 KB 117 KB	169ms 94ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fa2c92a00264ec654a5017f52b170ab5205bb5cefaa5b63eacd172139e2c5d53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119966 x-xss-protection 0 server cafe etag 3551919442606576216 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 23 Dec 2022 10:33:31 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 8355	10 KB 5 KB	92ms 37ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81971 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 10353107486223812946 expires Thu, 05 Jan 2023 11:47:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	173ms 70ms	XHR text/plain	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=996177032&t=pageview&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&ul=en-us&de=UTF-8&dt=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1883034599&gjid=1977595004&cid=105992210.1671791610&tid=UA-149779697-1&_gid=1071015071.1671791612&_r=1&_slc=1&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&z=1084272022 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	171ms 71ms	XHR text/plain	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=996177032&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&ul=en-us&de=UTF-8&dt=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookieFooter&ea=load&el=organic&_u=YADAAEABAAAAACAAI~&jid=989527915&gjid=770505332&cid=105992210.1671791610&tid=UA-149779697-1&_gid=1071015071.1671791612&_r=1&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&gtm=2wgbu0KMWQ6GT&cg1=News&cg2=Editorial&cd6=2022-12-23T10%3A33%3A31.493Z&z=3922797 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/589784210/	42 B 548 B	133ms 49ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/589784210/?random=1671791611488&cv=11&fst=1671789600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&tiba=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=677303053&rmt_tld=0&ipr=y Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/589784210/	42 B 548 B	131ms 48ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/589784210/?random=1671791611488&cv=11&fst=1671789600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&tiba=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&random=677303053&rmt_tld=1&ipr=y Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 345 B	142ms 44ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=2oebu0&_p=996177032&_gaz=1&cid=105992210.1671791610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671791611&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&dt=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=News Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	144ms 48ms	Ping text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=105992210.1671791610&gtm=2oebu0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	90ms 50ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=105992210.1671791610&gtm=2oebu0&aip=1&z=1778986043 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 440 B	134ms 47ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=1883034599&gjid=1977595004&_gid=1071015071.1671791612&_u=IADAAEAAAAAAACAAI~&z=574195535 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	135ms 48ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=989527915&gjid=770505332&_gid=1071015071.1671791612&_u=YADAAEABAAAAACAAI~&z=714876795 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cybernews.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	393 B 699 B	127ms 44ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=cybernews.com&callback=_gfp_s_&client=ca-pub-5928161074779380&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1abc16a4fc015ee35f7c72a2eef5a884d5f3977215f61c8b571a98021762af2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 254 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	199ms 75ms	Script application/javascript	2a00:1450:400d:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=cybernews.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	198ms 74ms	Script application/javascript	2a00:1450:400d:80c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cybernews.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:31 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 88C3	182 KB 45 KB	586ms 498ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1671718062&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&plas=164x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611505&bpp=2&bdt=271&idt=271&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7255084015977&frm=20&pv=2&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 550f6647bc0dc7c3c1c2f7caebee4fe1a661ec96833f209734090a4418db0548 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 45753 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:32 GMT expires Fri, 23 Dec 2022 10:33:32 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2829	31 KB 12 KB	457ms 377ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b9d8628e77c7993352c407f45d449307e4236ce7352a370c7a70f543d2efc81e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 12483 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:32 GMT expires Fri, 23 Dec 2022 10:33:32 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5387	139 KB 30 KB	587ms 513ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a37cf7e4c7f3f2d7a4059b857a214e4ec8b91be758b938e458047da86ed07482 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 30813 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:32 GMT expires Fri, 23 Dec 2022 10:33:32 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	128ms 48ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=1883034599&_u=IADAAEAAAAAAACAAI~&z=757034742 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	133ms 54ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=1883034599&_u=IADAAEAAAAAAACAAI~&z=757034742 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	126ms 47ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=989527915&_u=YADAAEABAAAAACAAI~&z=1854594259 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	130ms 52ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-149779697-1&cid=105992210.1671791610&jid=989527915&_u=YADAAEABAAAAACAAI~&z=1854594259 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 3F1B	0 0	89ms 89ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CaML1-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSPAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPUSg1fEj6fLukQsM-P3AbwSdRyg4ptWK2V3VdQvHxCQCSxg1ghgmABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=gHO4RKdjaPg&uach_m=[UACH]&cid=CAQSKQDq26N9CnVDkAyDMj67Bc0XMlD_w7hIHzr65DPNWsaBHxrcm36CR9vLGAEgEw Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 3F1B	0 0	133ms 47ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1kh4weckb3nth9xxxn4zvxbd8ta15cpq7tr8tkekb4cmn6c4cfgzfa3748n5h44ame08fqav6kc64623vqd3x2gzw8fhm196hf8epevja4219rbd6ajt0mdw47k458v4rx7fssa1nrzd087bap227w6rga6gxrawdqwv0rrkp2yn94rn2dr0xr8wkcgf9tr1ezb10t23qhbmm27md1haxrjt6t2t1xd3pg19sd2tvf1kpvvss6c584c1wexf8tv07q9ddtbrnvg9t7d6vk6f8zaa9h2fyg47csmk41qqzcrbtyhey65kyzjvyyj49fq32y4w3256xd7z0mbv1va8z14phqecm8sqca8m99kaqdxzewg3qe19edgs82r0ca9hqttp55dts0&b=Y6WD-wAN_5sK5uhSAAaJM3ieG4rHOe1cKipRxw Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	dr Show response as.ad4m.at/ad/ Frame DB4E	2 KB 3 KB	169ms 75ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1kq90m20vjxbjk0s1z3a2hj2b4494ajedsyrjvbbws709m9jpbvbmtdzd8pcq8f5vmdwkyedc2j3rp5xn88rw4337qsrp7jd0ztv2cww7dbcnnx7521sa9p1nqsphadgj4nnybpagn59t7pwpkfh1tzd2yrp7ba0hk9rk35d67trc6zqnnyqhevbhzrcwv0sq03h7y889g22k5jy4853m2hgygyspqf48j87jat5fbkzbdjyfdh09jrcw1snj531s14njv0hn05b0tj8ph0b0gx7ynxbhc4t59fbskdjb2k7w7r54tdf3sw5vpsx0mwtz18sj4e8djsvpmxrrmbmy20v06gq6t8cj64wgcdnbkgtr1vgsvdnd7ykn73kf5hvgqmrt7gzj0m75c32zcvd7fvcag9dv2m5ec5dt1snc8xr2exz42fxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%26client%3Dca-pub-5928161074779380%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42fcfd11dd95a97e37fab07b2cbdaa1825dbc242e529665e9abe031ad89493f3 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 77e070897f9c913c-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:32 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3F1B	3 KB 1 KB	131ms 40ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 13:58:43 GMT content-encoding br x-content-type-options nosniff age 74089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 13:58:43 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0B7C	1 KB 643 B	38ms 37ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 48472445140208031 expires Fri, 23 Dec 2022 11:47:20 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3F1B	18 KB 8 KB	126ms 37ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7480 x-xss-protection 0 server cafe etag 15631949847000551034 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 3F1B	0 0	45ms 44ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi3NzT9yxarUnyEHdj7_y7ObMt1tX9lThH5kKxYHuFRvqFLjz_YjBs1oa2jm_GP1RI4tv_EmqI7tuiHt8Jf9AhXB3thw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3F1B	153 KB 47 KB	298ms 161ms	Script text/javascript	2a00:1450:400d:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47725 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1670417373259609" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 23 Dec 2022 10:33:32 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0B7C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDWHgJqHvBTwBzha14TdEhg&google_cver=1&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iC... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iCFLka7wlp7nXB_uA	170 B 232 B	74ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iCFLka7wlp7nXB_uA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 23 Dec 2022 10:33:32 GMT Server MT3 277 3f0ad7a master cdg-pixel-x33 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MwZqsVtU_JB4tHMGOPNHl2ehmFAXl5x2PLhFivWz9DVjwtocKMqGwrOs74B8BVqnVYcvTgpz5s2cnSE0iCFLka7wlp7nXB_uA P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Fri, 23 Dec 2022 10:33:31 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 0B7C Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiF... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_P...	43 B 426 B	236ms 221ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 77e0708b2896bbcd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 598 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSeiNBx0WDN5ji1fy_umvk&google_cver=1&google_push=AavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M8dNaLti3NzU95T1rliVr-IdF3akV-mq33MOBzExxpvMUvbwpQzmiMJDIaQm_tL3WyVcVUZdROsbUgdejMFgj9FvPc4_PiFT86%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 77e07089cd9abbcd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	dds rtb.openx.net/sync/ Frame 0B7C	43 B 350 B	161ms 48ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEEXLICu7PfEIcDyxkEaHJMA&google_cver=1&google_push=AavPq0NFQJR-Un6pb2W_zOmKlAYijlCLlosNJLZEiCQmN-bjr5oHOqap5Pw_UqIY1Bb_gjFrtq9fjK75cCN34BN3dLfdreFo2YpiLVX9 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:31 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id f1d11qi1hicmf6sh6oq8n03av42k306k
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0B7C Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_push=Aa... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_hm=Y6WD_CEPJ0SvpZ_sBMTw3QAABJQAAAIB&google_nid=index&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzW...	170 B 188 B	180ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_hm=Y6WD_CEPJ0SvpZ_sBMTw3QAABJQAAAIB&google_nid=index&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzWbFFqKWgsf2QquXPIJQrFP-NW3gcAhrYT0NVwm334mJhBAZFT5NDq-PIhmfSsG4rEqse Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvTxc9o330eBYDTh0IWrBnt52Sg6kqfJRgn8X%2FdCjtVT8LF60%2FfYaJHa3pnX2Fx%2BHS%2FCYfoqqqTIHJW5eTfW04DYfMevYFTvDLS75fYjbyEWzj6sENCT1sk9NqDBRW44VXaG0xYL6jsNgg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIU0GA-bUhIFEUvPqcOmCWY&google_hm=Y6WD_CEPJ0SvpZ_sBMTw3QAABJQAAAIB&google_nid=index&google_push=AavPq0OHPh3i6CfdMfrT8hRK1qS9K7f-Z2KzWbFFqKWgsf2QquXPIJQrFP-NW3gcAhrYT0NVwm334mJhBAZFT5NDq-PIhmfSsG4rEqse cache-control no-cache cf-ray 77e0708a8cf09b28-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0B7C Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGuwvz9x7F_7KqFWPEMaO9Y&google_cver=1&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_... https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_C... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MDQ3MjM5MjUwNjUxOTE4NDY3Ng%3D%3D&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaY...	170 B 329 B	75ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MDQ3MjM5MjUwNjUxOTE4NDY3Ng%3D%3D&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_CtCapc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MDQ3MjM5MjUwNjUxOTE4NDY3Ng%3D%3D&google_push=AavPq0MplBjWaj-ayvYBfGflSceIfpqaYiujxIFr5b5mSby3PhNgVKaYSwEzCPzE-HkQiX-FdEhT4Tpja2035N9PyuRe-S0j0_CtCapc date Fri, 23 Dec 2022 10:33:32 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0B7C Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMmahQL_ciNhv8tZTzP6AV8&google_cver=1&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKA... https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMmahQL_ciNhv8tZTzP6AV8&google_cver=1&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKA... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TeGNFNzBkRTJ1R0Vxd1JfRVFCMVZndGNnOHJuV3I5aX5B&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6sm...	170 B 232 B	75ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TeGNFNzBkRTJ1R0Vxd1JfRVFCMVZndGNnOHJuV3I5aX5B&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKAe0HJ-IsTAZfcMX30-jyhoaLGdLhTaI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TeGNFNzBkRTJ1R0Vxd1JfRVFCMVZndGNnOHJuV3I5aX5B&google_push=AavPq0O25HUOYOAnW8TkgbgOsIjrkRLV8ODzlMGLxnmS5Nd1dfqSda6smIwoI7t9kCamv09eKAe0HJ-IsTAZfcMX30-jyhoaLGdLhTaI date Fri, 23 Dec 2022 10:33:32 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	report sync.teads.tv/um/ Frame 0B7C Redirect Chain https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNND1glwHSh0Aku47mp3uI&... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PUoHs4UTeCDPYl6VdR_ccEBQgtUM1fsrSGXNxkMwUqTSB9QsmzPG7dgSgNpbXNPXzhPHwRbQIiU4utSvfyWhouGt-d6GLCVXZH https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 172 B	122ms 122ms	Image image/gif	104.96.128.226 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H2 Server 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-128-226.deploy.static.akamaitechnologies.com Software akka-http/10.2.9 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers expires Fri, 23 Dec 2022 10:33:32 GMT pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.9 content-length 23 content-type image/gif Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 0B7C	0 223 B	210ms 72ms	Image text/html	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcHsNArEgYltRfjP-vU4LTPYRlFC67sUNwZzg2PT2Wg6UKeLjj6HWmPp3d94iZgjEd7N7jDfw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=8387108948&adk=2217422274&adf=2933161405&pi=t.ma~as.8387108948&w=350&fwrn=4&fwrnh=100&lmt=1671718062&rafmt=1&format=350x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611507&bpp=2&bdt=272&idt=293&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1023&ady=1314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cI3vXjBWPI&p=https%3A//cybernews.com&dtd=297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	1eaa1e49c6d827e7897bafa951c60a71.js Show response www.gstatic.com/mysidia/ Frame 5387	9 KB 5 KB	176ms 51ms	Script text/javascript	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 01:38:31 GMT content-encoding gzip x-content-type-options nosniff age 204901 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4197 x-xss-protection 0 last-modified Thu, 08 Dec 2022 23:34:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 21 Mar 2023 01:38:31 GMT
GET DATA	200 OK	truncated / Frame 3F1B	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 27baabe07a8090bd75ebaa28d700d825f6d5ea50931b8679290dfb29376cf0d7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5387	2 KB 765 B	114ms 37ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H2	200	a32ec6d66afc3186d932d2fa3de45437.js Show response www.gstatic.com/mysidia/ Frame 5387	22 KB 9 KB	154ms 53ms	Script text/javascript	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a32ec6d66afc3186d932d2fa3de45437.js?tag=exit_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0f005ee73493fb10f179e1200181c2f867ec5cf5df6e8f45c696e7c9d751221 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 06:12:34 GMT content-encoding gzip x-content-type-options nosniff age 447658 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9518 x-xss-protection 0 last-modified Thu, 08 Dec 2022 23:34:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sat, 18 Mar 2023 06:12:34 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 5387	23 KB 9 KB	107ms 37ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9443 x-xss-protection 0 server cafe etag 9828741834572772835 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5387	3 KB 1 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 13:58:43 GMT content-encoding br x-content-type-options nosniff age 74089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 13:58:43 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5387	18 KB 7 KB	113ms 45ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7480 x-xss-protection 0 server cafe etag 15631949847000551034 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 5387	0 0	45ms 44ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjiggLNQhMy6-MTrA-lTUahT_k88pfbvcOszQxGwAqxUxvzX-PsSbODOltT7-kS1F34pmy00BkKZ6laiVTl_VYaCCHiA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5387	153 KB 47 KB	235ms 130ms	Script text/javascript	2a00:1450:400d:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47725 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1670417373259609" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 23 Dec 2022 10:33:32 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/	150 KB 51 KB	85ms 84ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js?bust=31071167 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash aa0a235a0edb76846d6a656d6b81b3308d36d4f3411cb6c73df7b15da0782ce2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52347 x-xss-protection 0 server cafe etag 10991984308195028232 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 23 Dec 2022 10:33:32 GMT
GET H3	200	default.css as.ad4m.at/ad/style/0.1.27/one-ad/ Frame DB4E	89 KB 12 KB	90ms 51ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1kq90m20vjxbjk0s1z3a2hj2b4494ajedsyrjvbbws709m9jpbvbmtdzd8pcq8f5vmdwkyedc2j3rp5xn88rw4337qsrp7jd0ztv2cww7dbcnnx7521sa9p1nqsphadgj4nnybpagn59t7pwpkfh1tzd2yrp7ba0hk9rk35d67trc6zqnnyqhevbhzrcwv0sq03h7y889g22k5jy4853m2hgygyspqf48j87jat5fbkzbdjyfdh09jrcw1snj531s14njv0hn05b0tj8ph0b0gx7ynxbhc4t59fbskdjb2k7w7r54tdf3sw5vpsx0mwtz18sj4e8djsvpmxrrmbmy20v06gq6t8cj64wgcdnbkgtr1vgsvdnd7ykn73kf5hvgqmrt7gzj0m75c32zcvd7fvcag9dv2m5ec5dt1snc8xr2exz42fxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%26client%3Dca-pub-5928161074779380%26adurl%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1kq90m20vjxbjk0s1z3a2hj2b4494ajedsyrjvbbws709m9jpbvbmtdzd8pcq8f5vmdwkyedc2j3rp5xn88rw4337qsrp7jd0ztv2cww7dbcnnx7521sa9p1nqsphadgj4nnybpagn59t7pwpkfh1tzd2yrp7ba0hk9rk35d67trc6zqnnyqhevbhzrcwv0sq03h7y889g22k5jy4853m2hgygyspqf48j87jat5fbkzbdjyfdh09jrcw1snj531s14njv0hn05b0tj8ph0b0gx7ynxbhc4t59fbskdjb2k7w7r54tdf3sw5vpsx0mwtz18sj4e8djsvpmxrrmbmy20v06gq6t8cj64wgcdnbkgtr1vgsvdnd7ykn73kf5hvgqmrt7gzj0m75c32zcvd7fvcag9dv2m5ec5dt1snc8xr2exz42fxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%26client%3Dca-pub-5928161074779380%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1670930538 age 855978 cf-polished origSize=91628 x-guploader-uploadid ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 13 Dec 2022 11:22:46 GMT server cloudflare etag W/"575def06e70febb0cbd25403e37880bf" vary Accept-Encoding x-goog-generation 1670930566724484 content-type text/css x-goog-hash crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSoZ6UeXlOjS66bT2Y61YyyX%2FiO2Yt6NWiMBhOX68oDaLP2hE4Oiq1AUIKfWo985ofR%2BQADgthPHieUuMcYoLM19CJRKli4z0UBhR8UquDocNtVzM0WZTX3C9s%2BaVhjtFiOGu%2BKpzN4%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 91628 cf-ray 77e0708a3f0c6951-FRA expires Fri, 23 Dec 2022 11:33:32 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame DB4E	35 KB 12 KB	59ms 49ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1kq90m20vjxbjk0s1z3a2hj2b4494ajedsyrjvbbws709m9jpbvbmtdzd8pcq8f5vmdwkyedc2j3rp5xn88rw4337qsrp7jd0ztv2cww7dbcnnx7521sa9p1nqsphadgj4nnybpagn59t7pwpkfh1tzd2yrp7ba0hk9rk35d67trc6zqnnyqhevbhzrcwv0sq03h7y889g22k5jy4853m2hgygyspqf48j87jat5fbkzbdjyfdh09jrcw1snj531s14njv0hn05b0tj8ph0b0gx7ynxbhc4t59fbskdjb2k7w7r54tdf3sw5vpsx0mwtz18sj4e8djsvpmxrrmbmy20v06gq6t8cj64wgcdnbkgtr1vgsvdnd7ykn73kf5hvgqmrt7gzj0m75c32zcvd7fvcag9dv2m5ec5dt1snc8xr2exz42fxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%26client%3Dca-pub-5928161074779380%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Nov 2022 06:17:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 274512 etag W/"49e3b0ffd5e74f27b691e89cf271d672" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLVuODPHlgnJuZNz2Sv%2Fo7SapO2Rlurbq7gqoDImwmwwZc1TkFPDHORN0gXx1TEd%2BkIckG3ZSZkgDqRwMb0Ir9u%2BfiLQtTjgUhef8mOqsTcetAc2%2BOMH5yY3wxtSuMEy9l0%2F0tM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 77e0708a08bf913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 20 Dec 2022 06:18:10 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	124ms 46ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=cybernews.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	178ms 74ms	Script application/javascript	2a00:1450:400d:80c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cybernews.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame D67B	10 KB 4 KB	37ms 36ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 10353107486223812946 expires Thu, 05 Jan 2023 11:47:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 1C93	10 KB 4 KB	37ms 36ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 10353107486223812946 expires Thu, 05 Jan 2023 11:47:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/460773265010183185/ Frame 5387	74 KB 74 KB	40ms 40ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/460773265010183185/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f22d4054253823ce35980fd2014b7ecd5c2589bbabfef9ce627ce1f4b350da8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 05:33:39 GMT x-content-type-options nosniff age 449993 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 75889 x-xss-protection 0 last-modified Tue, 28 Jun 2022 00:01:33 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 05:33:39 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/4342469808852200983/ Frame 5387	48 KB 48 KB	53ms 52ms	Image image/png	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4342469808852200983/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9c2a51f8ce9833a19c1c9c6932030cce86cf438b00199a4b980989e18efec1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 08:38:38 GMT x-content-type-options nosniff age 438894 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49143 x-xss-protection 0 last-modified Tue, 28 Jun 2022 04:29:44 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 08:38:38 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/11729118761296790360/ Frame 5387	90 KB 90 KB	68ms 67ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11729118761296790360/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aba5724fe93821e5b66946f4452707c484f86862aaac4d60eccafeb68b06e72d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 23:03:18 GMT x-content-type-options nosniff age 387014 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91892 x-xss-protection 0 last-modified Tue, 28 Jun 2022 02:40:53 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 23:03:18 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/4489447244828712068/ Frame 5387	85 KB 85 KB	101ms 100ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4489447244828712068/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c81fc41ce40b4951c46e19928e675b0625a346e64ddd169a7f6f21c66cc4c38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 00:56:40 GMT x-content-type-options nosniff age 207412 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87287 x-xss-protection 0 last-modified Fri, 07 Oct 2022 10:48:30 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 21 Dec 2023 00:56:40 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/15204332411356427221/ Frame 5387	41 KB 41 KB	110ms 108ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15204332411356427221/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 52d0a608107b5017011d7a257dd7cd9feea8083bfbd5a37c1ea0726bfa9aba48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 09:34:34 GMT x-content-type-options nosniff age 435538 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42052 x-xss-protection 0 last-modified Wed, 29 Jun 2022 09:28:26 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 09:34:34 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/2815448662781415521/ Frame 5387	31 KB 31 KB	108ms 107ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2815448662781415521/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd84d69fe933b9e86dbc15edd65496da47a2752ce0e93080b6d14635fae5e889 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 05:55:37 GMT x-content-type-options nosniff age 448675 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31340 x-xss-protection 0 last-modified Tue, 28 Jun 2022 09:24:02 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 05:55:37 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/6142320143257888391/ Frame 5387	44 KB 44 KB	105ms 105ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6142320143257888391/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7764f4db96d904d0ed5fc7af155f24a114e1a12a482b7cd1da842db6cf42acf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 05:11:55 GMT x-content-type-options nosniff age 451297 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45315 x-xss-protection 0 last-modified Fri, 02 Dec 2022 11:42:36 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 18 Dec 2023 05:11:55 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/6408250411108310548/ Frame 5387	194 KB 194 KB	116ms 116ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6408250411108310548/14763004658117789537 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ddc896cb14a8ba168679460b2e209704de56f4e9c7996d4cfac3dd417fab1d4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 17 Dec 2022 23:13:45 GMT x-content-type-options nosniff age 472787 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 198534 x-xss-protection 0 last-modified Wed, 20 Jul 2022 08:15:59 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 17 Dec 2023 23:13:45 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	92ms 91ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Ca1hE-4OlY9rwN8mP1waBorTIA4uZrLBqu9ieg98PlPj8lokPEAEgttfpeygIYJWygoKYB6AB9MSQnwLIAQaoAwHIAwKqBJ4CT9DBENAwaQf-m1KU5JdghVGEFPB4GX151FSp2Q1wH7Nok0PPY6_avLbiJoxK2eiQj1L5l_juXcI74eqesTwWsk-4afw6xerw_EAT_GMZoIIvlxAmVfggWNqqShmNfEO9YG7VFbN3_1oqsdsgadYPrWriVwL04iWBLA5s5ALtCCscPEFxalp0yX05hmaymGMi_kEHIYP1rWRhcccwangazA1-j8IdQhU1TyRdyghId6gWSbJiirISATEvZAgRrnVJS0Yr-tChVXwQddsWJnflmAVXMoTtaZ_N_V96P2kzAmrudmhhdO3Q9r5evRm2OS-nDVj8WAJ5KU7nU025l8gOZ2sHLNcxhIje9WWMm_hf4FewtfYQXHUr8P5U_IzE48AE29_O-IsEkgUECAQYAZIFBAgFGASgBjeAB8Sm8uABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQivIJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=r6YDbgy8o24&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	92ms 90ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CQivb-4OlY9rwN8mP1waBorTIA4iGh-ptic29wqsQzeDlu48OEAIgttfpeygIYJWygoKYB6ABjezk2QLIAQapAielexcSnag-qAMByAMCqgSZAk_QlCrTMGoH_ptSlOSXYIVRhBTweBl9edRUqdkNcB-zaJNDz2Ov2ry24iaMStnokI9S-Zf47l3CO-HqnrE8FrJPuGn8OsXq8PxAE_xjGaCCL5cQJlX4IFjaqkoZjXxDvWBurRazV__bCLoJ6nmZkbxUdCIYp-N2gCYIZuIy7DgqZTk4dHtXeMSKOoQiR9-WKf5J8iJ2Nq2ElFIyM2h47c_4fY_C6EHiNkwkqcn9S3eq40hHYYqy5wLELGQJ5KyASktG3vklolV85XYuFSZ3EJvwZDI0GOpqzv1fjzycMAJqG3WdYnXtMfCi3AVfsXKpdGQXDsoIWiGRmunvkHmzez_GLpDXlzOf9n10dREt6dGbEEp1H-mak3fPwATy2dTlmgSSBQQIBBgBkgUECAUYBKAGN4AH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCK8gnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTI4MTYxMDc0Nzc5MzgwGAA&sigh=pEwHUdsXCWo&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	92ms 90ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CqHeO-4OlY9rwN8mP1waBorTIA-LLw7Zt9OK2mJgJ8qq45vkmEAMgttfpeygIYJWygoKYB6ABj4j4ywPIAQapAgZhoAiUyrE-qAMByAMCqgSYAk_QqkrSMGsH_ptSlOSXYIVRhBTweBl9edRUqdkNcB-zaJNDz2Ov2ry24iaMStnokI9S-Zf47l3CO-HqnrE8FrJPuGn8OsXq8PxAE_xjGaCCL5cQJlX4IFjaqkoZjXxDvWBurRazV__bCLoe6nnEzLIrdCIYp-N2gCYIZuIy7DgqZTk4dHtXeMSKOoQiR9-WKf5J8iJ2Nq2ElFIyM2h47c_4fY_C6EHiNkwkqcn9S3eq40hHYYqy5wLELGQJ5KyASktG3vklolV85XYuFSZ3EJvwZDI0GOpqzv1fjzycMAJqG3WdYnXtMfDPl0jLfbfRkVNlq1ohcbybrd9PucX2LW9VLxV6vBGf-mnQMEd9etq5EERjmuOtpdfABJeL0fL_AZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfZ94c0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQivIJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwuIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=pFePnFjcytI&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	90ms 89ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CVKyw-4OlY9rwN8mP1waBorTIA6rK6Mxt5KOhi-YQ8YGV5ZMOEAQgttfpeygIYJWygoKYB6ABp5_BpCjIAQaoAwHIAwKqBJYCT9D2ItMwbgf-m1KU5JdghVGEFPB4GX151FSp2Q1wH7Nok0PPY6_avLbiJoxK2eiQj1L5l_juXcI74eqesTwWsk-4afw6xerw_EAT_GMZoIIvlxAmVfggWNqqShmNfEO9YG7VFbMX_8gAutug1fEVvOjWyPMfA5trx9WMCel_1sH3xt6CgVuNx8zPh2a63JbU_UnHIVYDrqRhUzLGaXgYzPiIjMAdQ-DDTiRcyv--dKgWS0eUibISAcXZZwgRr4C_SEYr-iVXVnwQdS7gJXfVmHChMbTt6Wo7_l96P5zFAWrud52CcgcNXLhZcfGwv6FIFFASWOXNq9VhUaVh-_7YwuIMmnCeHYc1qe44stpT-LcIpceNrWHABKy1z5eTBJIFBAgEGAGSBQQIBRgEoAY3gAen15GEA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIryCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=EjBWbRWFQFk&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	92ms 90ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CqtC3-4OlY9rwN8mP1waBorTIA-mPuopuzN2PocoQruuWhIwOEAUgttfpeygIYJWygoKYB6AB753_2yjIAQapAhwzqn0SOHs-qAMByAMCqgSVAk_Q9mb5MG0H_ptSlOSXYIVRhBTweBl9edRUqdkNcB-zaJNDz2Ov2ry24iaMStnokI9S-Zf47l3CO-HqnrE8FrJPuGn8OsXq8PxAE_xjGaCCL5cQJlX4IFjaqkoZjXxDvWBu1RWzF__IALqRnYe-FLzo1sjzHwOba8fVjAnpf9bB98begoFbjcfMz4dmutyW1P1JxyFWA66kYVMyxml4GMz4iIzAHUPgw04kXMr_vnSoFktHlImyEgHF2WcIEa-Av0hGK_olV1Z8EHUu4CV31ZhwoTG07elqO_5fej-cxQFq7nedgnI4VU3wWXHxsL-hSBRQE1iP4JC2YlGONPOr2MJ1Jbhwkgl3e_uvh7n4U_ahldvKt2nABPvNxPH_A5IFBAgEGAGSBQQIBRgEoAY3gAfNsPi7A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIryCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=MIjdt5vXOjc&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	92ms 91ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Ce_tn-4OlY9rwN8mP1waBorTIA8KI4IpunLq9sosR-Me5zNwTEAYgttfpeygIYJWygoKYB6ABt5iBoijIAQapAhwzqn0SOHs-qAMByAMCqgSVAk_Q407uMGwH_ptSlOSXYIVRhBTweBl9edRUqdkNcB-zaJNDz2Ov2ry24iaMStnokI9S-Zf47l3CO-HqnrE8FrJPuGn8OsXq8PxAE_xjGaCCL5cQJlX4IFjaqkoZjXxDvWBu1RWzF__IALrk4v-EFLzo1sjzHwOba8fVjAnpf9bB98begoFbjcfMz4dmutyW1P1JxyFWA66kYVMyxml4GMz4iIzAHUPgw04kXMr_vnSoFktHlImyEgHF2WcIEa-Av0hGK_olV1Z8EHUu4CV31ZhwoTG07elqO_5fej-cxQFq7nedgnJVPV_0WXHx-4vxNxRQE1isiOCCYlHYceir2MJ1JbhwkgkhPuCvh7n4U_ahtrO6g2nABPeYnP-OBJIFBAgEGAGSBQQIBRgEoAY3gAerz426A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIryCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=oWcYRYUSxmg&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	96ms 95ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CFXKj-4OlY9rwN8mP1waBorTIA_vE_INujpqNzIERl_676ZUOEAcgttfpeygIYJWygoKYB6AB64iu6gLIAQapAp8B7yY6ndE9qAMByAMCqgSjAk_QuzRiIXA4xyjhmIqNe4JGmB_ifEQwddaDEt89cxLyJJNOLLiXi6C25iXFX9mkipRV7ovz_Fmfdu3o3PA3BLYT52znPd_x_esfTO9sBLyANYEDMR22LEHFpwNVnHwccoFsVu-z1n3YyRgZopSnOZTpfwIZkSQ_Qt3ljVroBtPL8dfTr4CxjlaO0oefvCmVI_5JQ9R19qWkYaQxM6p4ODn7fY_AHbfjNk0kXD_-SXepFr5EYYqyEPTHLGQIEVqDSktGKg8molV8EIAtFSZ35W3zVDK07Rxpzs1f-sqfMAJq7oOeYnTt0QM9Wrz4sD-lCW5c4Nnt7CjDdVlusTH688F8zGaNHzifN4yWY7LQ-_KbEEp3H7-I0TPP4lsjX-zQ0PP_mMAE3MzGgrkEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB_320ZUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQivIJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=Y0ZvEVnQ8y8&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	95ms 94ms	Fetch text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Ckawp-4OlY9rwN8mP1waBorTIA96e3O1tn63rwIAQvPqGn54wEAggttfpeygIYJWygoKYB6AB7vzx9gLIAQaoAwHIAwKqBJYCT9DiYdIwYAf-m1KU5JdghVGEFPB4GX151FSp2Q1wH7Nok0PPY6_avLbiJoxK2eiQj1L5l_juXcI74eqesTwWsk-4afw6xerw_EAT_GMZoIIvlxAmVfggWNqqShmNfEO9YG7VFbMX_8YAurmj4oEUvOjWyPMfA5trx9WMCel_1sH3xt6CgVuNx8zPh2a63JbU_UnHIVYDrqRhUzLGaXgYzPiIjMAdQ-DDTiRcyv--dKgWS0eUibISAcXZZwgRr4C_SEYr-iVXVnwQdS7gJXfVmHChMbTt6Wo7_l96P5zFAWrud52CchxAWrdbcfGR20Y3FFASWJ-SpaViUZcbs9XYwpkOmnCeHYcH06YTstpT-LcI35iD3WLABLjP9NaABJIFBAgEGAGSBQQIBRgEoAY3gAf6go6JAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIryCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQE0BUBmBYBgBcBshccChoIABIUcHViLTU5MjgxNjEwNzQ3NzkzODAYAA&sigh=drTqW0kTRVA&uach_m=[UACH]&cid=CAQSKQDq26N9qel5n1Oh7qIvSG7vPJubMZyEfaD_WiNexw3UJOpX_eTfZamgGAEgEw&template_id=492 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 23 Dec 2022 10:33:32 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame DA5C	1 KB 643 B	37ms 36ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 48472445140208031 expires Fri, 23 Dec 2022 11:47:20 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5387	220 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 916741b81cc86cc5147e3f158d8ed4159a60b2657b11439070bf6e209707bea4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DB4E	3 KB 4 KB	153ms 56ms	Image image/png	2606:4700:20::ac43:444e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 28695894 x-guploader-uploadid ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3262 x-goog-meta- last-modified Wed, 09 Jun 2021 12:35:14 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary Accept-Encoding x-goog-generation 1623242114099744 content-type image/png x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=31536000, immutable report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTbONMO%2F%2Br2xeGdXB7IrXPTX%2Bdok21rGSG4zfo%2B2iKTNBZdW8MHAairzK7yX98X7cXFrk4IqHTBQmPv7aMavb5i08ly9WYUHnVbVYK5PJhkcuCR2UGuk%2B0gO1ACFn0GrHhyr65bwIa3QCfQUkc9m4MLe"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 77e0708b9e95bbb3-FRA expires Wed, 25 Jan 2023 07:28:38 GMT
GET H3	200	dr Show response as.ad4m.at/ad/ Frame 3E31	2 KB 2 KB	57ms 54ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1khawnszx2r6mebecgxzkg14mdkn90q5p56h3znna8n99q8xy494742qm7g2p7ynebfsjy3h7p7tfhprbrwa0c9q6ekqj0jnc5epx1m495mkqns3r3bnqnp414r2wctj6rt9fv7z2geg054ws8hhxdysxt6jby1s5fxn07ka4dt3ydvxj611489pjd1kvbydydwz2wr2ksjmffzbsktf27d5tnny8nmtf32fv5yc3wpv35jxq241zfvfgce08ep0yb1g82h1035f4zcf269p18t0gcre7fp3az8sxnhqyadfxyn0v95czs8b7k1w9n4sjnmfv9rfkranm2j3an1trhgpvs0zbhmk1g4dhmk1x16w0jh22jx7a5s1vka9g8v8bevr5pcr12nstqz8dfvbax81tn0azhze4khb28xexkfwkq389e9ve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%26client%3Dca-pub-5928161074779380%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e193c225e9d5e8ea1b72dbdd4f8688f34a00b912e9daeda1fb8dc16a92cb9ead Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 77e0708b18a26951-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:32 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D67B	3 KB 1 KB	114ms 110ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 13:58:43 GMT content-encoding br x-content-type-options nosniff age 74089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 13:58:43 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 18BD	1 KB 643 B	40ms 37ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 48472445140208031 expires Fri, 23 Dec 2022 11:47:20 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D67B	18 KB 7 KB	40ms 37ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7480 x-xss-protection 0 server cafe etag 15631949847000551034 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame D67B	0 0	48ms 45ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQo7SdG9hhDMl3ftTMlEbXB9-iuwL43eJQd2xqWUZJWPfpNK_DvWmtaBDUFBNWX62bzBLw1ACi6k7y3V7BFMcBZ7T-OIQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D67B	153 KB 47 KB	218ms 164ms	Script text/javascript	2a00:1450:400d:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47725 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1670417373259609" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 23 Dec 2022 10:33:32 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1C93	2 KB 765 B	106ms 105ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1C93	23 KB 9 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9443 x-xss-protection 0 server cafe etag 9828741834572772835 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1C93	3 KB 1 KB	106ms 106ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 13:58:43 GMT content-encoding br x-content-type-options nosniff age 74089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 13:58:43 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1C93	18 KB 7 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 11:45:41 GMT content-encoding br x-content-type-options nosniff age 82071 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7480 x-xss-protection 0 server cafe etag 15631949847000551034 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 05 Jan 2023 11:45:41 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1C93	153 KB 47 KB	131ms 88ms	Script text/javascript	2a00:1450:400d:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47725 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1670417373259609" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 23 Dec 2022 10:33:32 GMT
GET H3	200	5abbe811e7745ada511aeaa994a13f9f.js Show response www.gstatic.com/mysidia/ Frame 1C93	34 KB 14 KB	158ms 50ms	Script text/javascript	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 01:38:32 GMT content-encoding gzip x-content-type-options nosniff age 204900 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14213 x-xss-protection 0 last-modified Thu, 08 Dec 2022 23:34:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 21 Mar 2023 01:38:32 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame F62C	2 KB 1 KB	56ms 56ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2298498 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 77e0708b28d76951-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Fri, 23 Dec 2022 10:33:32 GMT expires Wed, 26 Oct 2022 23:22:52 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5%2BA4x%2FwWfFXgo%2Bq3cLzlLD8enOxSlSuwg1xbIhGBgIoht7lsLOzaxB3bmMDM6mmuQfv%2Fkk%2B5sMUq0i3M3P7mmWXhWQjQr2v8Y%2BmzjBDCsHyyTQ%2Fv0KePPN6V1lGKZOl%2B2H5mJ0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame DA5C	0 104 B	224ms 78ms	Image text/plain	2a02:fa8:8806:13::1370 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHryyRTgN5I87edm2uf6bcM&google_cver=1&google_push=AavPq0PEutHRYc-FV2WPa9-W4DhgtzOfOzTDVdNM6kSKkiRhmZh-kGhoaucAW7248IRi2ZsIEDF1TI5630BcFo1XjIZ9gyImEXA4FgE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DA5C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOojbNhONfA-9-Tz8kYRQ90&google_cver=1&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQN... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=PRFjpYP8QgCblDIN76DUrQ&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQNNT1ZUQVA...	170 B 188 B	76ms 74ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=PRFjpYP8QgCblDIN76DUrQ&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQNNT1ZUQVAbqiIILc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 23 Dec 2022 10:33:32 GMT Server MT3 277 3f0ad7a master cdg-pixel-x31 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=PRFjpYP8QgCblDIN76DUrQ&google_push=AavPq0O0iQOckNfooApOt9swkcPBQ801vl-paSjoAbgb2JrqCmiMeIUtdhw7YEtlh3vaqU7P8nU-SN6il1m06zQNNT1ZUQVAbqiIILc P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Fri, 23 Dec 2022 10:33:31 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DA5C Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMPgwXM2tYtBFMNyLueP8HI&google_push=AavPq0N_8HdaQOx2KvjLeT_uLCLdqbSMhPEqjxVmLk2Z7V4RNfgqqPv_1M...	170 B 188 B	76ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMPgwXM2tYtBFMNyLueP8HI&google_push=AavPq0N_8HdaQOx2KvjLeT_uLCLdqbSMhPEqjxVmLk2Z7V4RNfgqqPv_1MD_iqfKQSV2YDr978H21oem5mRFXpiE9OUwWKQ_3xn_idw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-hhn-etou8220021-HHN pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1671791613.814402,VS0,VE94 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMPgwXM2tYtBFMNyLueP8HI&google_push=AavPq0N_8HdaQOx2KvjLeT_uLCLdqbSMhPEqjxVmLk2Z7V4RNfgqqPv_1MD_iqfKQSV2YDr978H21oem5mRFXpiE9OUwWKQ_3xn_idw cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DA5C Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEKOfDcPgxjqOT1D__dGA9fQ&google_cver=1&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn43OGYjPOzXKu9yzlU https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=89D10149E4804D5EA8FFC5174ECEDEBF&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn4...	170 B 188 B	83ms 83ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=89D10149E4804D5EA8FFC5174ECEDEBF&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn43OGYjPOzXKu9yzlU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 23 Dec 2022 10:33:32 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=89D10149E4804D5EA8FFC5174ECEDEBF&google_push=AavPq0NeZ26Mlb4jPja1LDWLW-3xSQTZEuO4CxsT_I29xEjjCagMEZuwbavANpMIZ-GEXgOld4xdn9leBtlamn43OGYjPOzXKu9yzlU access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 22 Dec 2022 10:33:32 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame DA5C	0 173 B	139ms 44ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENnWYj5AYNz-2QDOGzDC7XU&google_cver=1&google_push=AavPq0MglHB9LGpUwCeUwOCN1LyBna00F9X6ja5gdEieexo4m7zwYGs-7Dw9RNqdZb7iR5LLfQLaQC0rrc_Bm4J7kLFnbhB6Mjh4hkw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	pixel cm.g.doubleclick.net/ Frame DA5C Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESELvG4ZKC4ff8zgxZdwpanWA&google_cver=1&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lL... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Yf1btWyrQvuf0hgI_0ABJA2&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lLcSNMZajoaG2EHw	170 B 188 B	74ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Yf1btWyrQvuf0hgI_0ABJA2&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lLcSNMZajoaG2EHw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Yf1btWyrQvuf0hgI_0ABJA2&google_push=AavPq0N7-6hvzntfjut4HN35XY43W5yGSZIuSBATDMMg9BlUW-0H4nZuSHaEwSFh1K484dEp_GrQt_Po3hNJb8lLcSNMZajoaG2EHw x-host tde-deliveryengine-production-769c9db745-k7ggk alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DA5C Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdC4ZW_VRMGtVIkjopwThQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	75ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdC4ZW_VRMGtVIkjopwThQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OnJ5D51CV8X8MxjfSun0X0vozAnfFHlauAPb8TXmsuiSVdHAVF4I9a2Ig_CZStKJgCWVywVOS8s80gw_L30jxQjZ53dBjWPw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdC4ZW_VRMGtVIkjopwThQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OnJ5D51CV8X8MxjfSun0X0vozAnfFHlauAPb8TXmsuiSVdHAVF4I9a2Ig_CZStKJgCWVywVOS8s80gw_L30jxQjZ53dBjWPw date Fri, 23 Dec 2022 10:33:31 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame DA5C	0 12 B	112ms 72ms	Image text/html	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOpavXLKK2v5WWopmsNAIaQBkMrr02QYLb_LnCbAgz6kDCGvRBfOyRdVlEo6D7DxnpoJOp Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=449&slotname=9389059806&adk=2231312788&adf=1287507746&pi=t.ma~as.9389059806&w=749&cr_col=4&cr_row=2&fwrn=2&lmt=1671718062&rafmt=9&format=749x449&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671791611509&bpp=1&bdt=275&idt=300&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=7255084015977&frm=20&pv=1&ga_vid=105992210.1671791610&ga_sid=1671791612&ga_hid=996177032&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777506%2C31071167%2C31071261%2C31071269%2C44780792&oid=2&pvsid=3014886166434204&tmod=759565664&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=kAfrqxN1o4&p=https%3A//cybernews.com&dtd=302 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	default.css as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 3E31	89 KB 11 KB	51ms 50ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1khawnszx2r6mebecgxzkg14mdkn90q5p56h3znna8n99q8xy494742qm7g2p7ynebfsjy3h7p7tfhprbrwa0c9q6ekqj0jnc5epx1m495mkqns3r3bnqnp414r2wctj6rt9fv7z2geg054ws8hhxdysxt6jby1s5fxn07ka4dt3ydvxj611489pjd1kvbydydwz2wr2ksjmffzbsktf27d5tnny8nmtf32fv5yc3wpv35jxq241zfvfgce08ep0yb1g82h1035f4zcf269p18t0gcre7fp3az8sxnhqyadfxyn0v95czs8b7k1w9n4sjnmfv9rfkranm2j3an1trhgpvs0zbhmk1g4dhmk1x16w0jh22jx7a5s1vka9g8v8bevr5pcr12nstqz8dfvbax81tn0azhze4khb28xexkfwkq389e9ve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%26client%3Dca-pub-5928161074779380%26adurl%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1khawnszx2r6mebecgxzkg14mdkn90q5p56h3znna8n99q8xy494742qm7g2p7ynebfsjy3h7p7tfhprbrwa0c9q6ekqj0jnc5epx1m495mkqns3r3bnqnp414r2wctj6rt9fv7z2geg054ws8hhxdysxt6jby1s5fxn07ka4dt3ydvxj611489pjd1kvbydydwz2wr2ksjmffzbsktf27d5tnny8nmtf32fv5yc3wpv35jxq241zfvfgce08ep0yb1g82h1035f4zcf269p18t0gcre7fp3az8sxnhqyadfxyn0v95czs8b7k1w9n4sjnmfv9rfkranm2j3an1trhgpvs0zbhmk1g4dhmk1x16w0jh22jx7a5s1vka9g8v8bevr5pcr12nstqz8dfvbax81tn0azhze4khb28xexkfwkq389e9ve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%26client%3Dca-pub-5928161074779380%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1670930538 age 855978 cf-polished origSize=91628 x-guploader-uploadid ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 13 Dec 2022 11:22:46 GMT server cloudflare etag W/"575def06e70febb0cbd25403e37880bf" vary Accept-Encoding x-goog-generation 1670930566724484 content-type text/css x-goog-hash crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xreghVb6zeSq2faZ853ekOnXA2mI%2B7IyIN0s%2FUsVuoegqXzjHQ%2B3bVGVpTPj5GqZeyLYtOjhmeMJ5V23%2FcmPRrmG%2BwCXlIt6ErOVPPoDC3%2Fzq2V6BT4AajFBANWQdNFKc7Zs2%2F5bNk%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 91628 cf-ray 77e0708b89866951-FRA expires Fri, 23 Dec 2022 11:33:32 GMT
GET H3	200	r62eglto.js Show response ad4m.at/ Frame 3E31	35 KB 12 KB	50ms 50ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1khawnszx2r6mebecgxzkg14mdkn90q5p56h3znna8n99q8xy494742qm7g2p7ynebfsjy3h7p7tfhprbrwa0c9q6ekqj0jnc5epx1m495mkqns3r3bnqnp414r2wctj6rt9fv7z2geg054ws8hhxdysxt6jby1s5fxn07ka4dt3ydvxj611489pjd1kvbydydwz2wr2ksjmffzbsktf27d5tnny8nmtf32fv5yc3wpv35jxq241zfvfgce08ep0yb1g82h1035f4zcf269p18t0gcre7fp3az8sxnhqyadfxyn0v95czs8b7k1w9n4sjnmfv9rfkranm2j3an1trhgpvs0zbhmk1g4dhmk1x16w0jh22jx7a5s1vka9g8v8bevr5pcr12nstqz8dfvbax81tn0azhze4khb28xexkfwkq389e9ve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%26client%3Dca-pub-5928161074779380%26adurl%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Nov 2022 06:17:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 274522 etag W/"49e3b0ffd5e74f27b691e89cf271d672" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tzKCTzITOc5%2B%2BTWoziUIkCgMFBs1mu56BWx5id87cPtJwNDFAXHLva3Zt3oKvwtITmYlKM5ieDLWJqQBwweIW%2F9WPSLpQG3Tmzfc2jKl1WlQAOyFHZkgFqV%2BTFdMX0ZlILYjzc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 77e0708b89886951-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 20 Dec 2022 06:18:10 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 18BD	70 B 265 B	206ms 59ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAsH2dD8I18bOPRRTjqgRx8&google_cver=1&google_push=AavPq0NLM7MC2MSvL2M0k_AtfdIGCXY5jhhGx_2wcymlEiSzf_DV22hcElYRqp3aZpeGJdq14hHa7Hp4axBKAhESX_FskzJwcpXWngQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 18BD	0 119 B	114ms 45ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP_tM2zKScFJfl-1xqbT1WQ&google_cver=1&google_push=AavPq0PeQWQYG2zENYASwXoCJuLb2vjTV2ZTQOD3tFlpnXjAWklk_Twk9aeeDCRAe68Gvsyi9n1WY0I7YpFgca03OgDHj1dnm18exhA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	pixel cm.g.doubleclick.net/ Frame 18BD Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempO... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyN... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMzODA5OTg5OTE5NTEwNDQzOA&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDem...	170 B 188 B	76ms 75ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMzODA5OTg5OTE5NTEwNDQzOA&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempOPdqoUKYaG-PUloLonh6INaM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjMzODA5OTg5OTE5NTEwNDQzOA&google_push=AavPq0NE6nAHmXE7Sr5C2-G2aDjVBH5zMBI4PboWE24rI0u6vRDMhS_R4VL6IdnXJ1AzJly-hyNDempOPdqoUKYaG-PUloLonh6INaM access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 18BD Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP5JhUD9dr-aDDb6CJ7UumY&google_cver=1&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP5JhUD9dr-aDDb6CJ7UumY&google_cver=1&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4&google_hm=F3RZpGZHZH1YsU8cRaW...	170 B 188 B	78ms 78ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4&google_hm=F3RZpGZHZH1YsU8cRaWL73bA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 23 Dec 2022 10:33:32 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OhNqu67Nhf58cMAWILHZiMCtQz80MJqaf-PrcmKHwB3M4NIQIuyx5uXMvp3AN19NCoyL8YJIyxGJ1IP4xx0vX_WTifsBn5Tt4&google_hm=F3RZpGZHZH1YsU8cRaWL73bA Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap1ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 18BD Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEV4A53bn5I6BQKNUsVk8sU&google_cver=1&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2a... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2aMMkJo9bHGM_Sk08	170 B 188 B	74ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2aMMkJo9bHGM_Sk08 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop VIE50-C1 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NcRujipiIzoJKm346Pg81OeNpMGg4EsHXRGP5e84vOQK5Gc_oJGXrpFPUkOT2cwbmf4-AKakdSCfk2vf2aMMkJo9bHGM_Sk08 cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id TDCVKkAN4sq6u-tr0ruwMeU7bixjNpRGqvxyKXZadTTcS9OYZzDimg==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 18BD Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-a36fb76b-37f2-4ac1-ba83-68d03c6c880d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0OGX6r5JAclyDYiGaBPh... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&google_hm=A6Nvt2s38krBuoNo0DxsiA0	170 B 188 B	74ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&google_hm=A6Nvt2s38krBuoNo0DxsiA0 Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0OGX6r5JAclyDYiGaBPhb-NokSx_77bOESN-WWNlzTtPE24LCik0xq9f6jmq5UCWyRSuj1WTGBAYW0b3ag2W-iiwk0CvwkY9g&google_hm=A6Nvt2s38krBuoNo0DxsiA0 date Fri, 23 Dec 2022 10:33:33 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RXa36fb76b37f24ac1ba8368d03c6c880d003 content-type text/html
GET H2	200	/ onetag-sys.com/match/ Frame 18BD Redirect Chain https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKw-dH5fwWL5oAg4D2ek1fc&google_cver=1&google_push=AavPq0NmbIqPuBSr71EDqSizolAhUyZIujNhp3tGDPboUFtLmxxZdzgwTtWwkx8oxlPMMmed-5w7z5qDYiY... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0NmbIqPuBSr71EDqSizolAhUyZIujNhp3tGDPboUFtLmxxZdzgwTtWwkx8oxlPMMmed-5w7z5qDYiYKiTHtm63HmIJ1cXZVhGg https://onetag-sys.com/match/?int_id=19&google_error=5	0 151 B	38ms 37ms	Image text/plain	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=19&google_error=5 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://onetag-sys.com/match/?int_id=19&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 255 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 18BD	0 12 B	85ms 72ms	Image text/html	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHEh0jOQfGVBEbbsDs12KhkGLfIM25e9CLOCEXxvwa5qyEQlvKR9hyY0XPVTBFc8M1tzWM5A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F9A6	1 KB 643 B	38ms 36ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 81972 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 22 Dec 2022 11:47:20 GMT etag 48472445140208031 expires Fri, 23 Dec 2022 11:47:20 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	rs Show response ad4m.at/ Frame DB4E	2 KB 2 KB	74ms 73ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5bb15b729be795da783a33284df6bbc3ef7fae8b34e2d2c3b72a6a3ce665de7 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YSR1BP1R1go2%2B3GfcFZyJHD3H6dGJo9tQknKZfG4F%2Fm5CsQyHQVybElfCw3u%2BTr6%2BNxL%2BnqdRGMMI6Us4wiBpnnrIfC0l6RAUTPe4xxrsfuoYgR%2FNgBoU8Q1yhg7%2BuXsOyS74w%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 77e0708c7ef0927f-FRA x-backend-server aa-reachservice-group-europe-west1-tbx2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	111ms 69ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 77e0708c0df8927f-FRA content-length 24 content-type text/plain date Fri, 23 Dec 2022 10:33:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp1gkHczkjxF76TF%2BhnqFjyBl%2BY1SjIM24hbIof9xM7SMx5o%2BgfFaldxdD2r%2BQ5DOqbBqOhzL6tsy84XhzHgLBzIotQq4Z3rhQ5Rz9lBdC90xyMF5zWnSjN3fGQrcJXzJDof7A8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-tbx2
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F9A6 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK0bCCK7gN1GgYjMi9X1S5Y&google_cver=1&google_push=AavPq0OpzmDTdIrfore0mFIcNlgVum4PYD1mMDqcZ0I8D2f6_akQTOFEWYT697yYs_X5oDCRfVUCTHyYY9C6Qzy9qksG0US0VlXmJy1N https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM2OTYyNTkyNjQyMTYyNzI0NA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKa-ooRgpUo_agG-wxuEklc&google_cver=1	43 B 398 B	105ms 47ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKa-ooRgpUo_agG-wxuEklc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKa-ooRgpUo_agG-wxuEklc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame F9A6	35 B 465 B	145ms 44ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUtrNIOutVGgOyXr2u04Ew&google_cver=1&google_push=AavPq0PtVngrLYeqi7xYjm3iacOzLnWZAhuv71dkAF9OvkhWg6mMDt0x-_CBUpXUl-gPg85l9ypYdk7PUPhR7nPSCNV6QpqliSWwH46D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F9A6 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzVpRklEVjMxUDhGbVE1&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs...	170 B 188 B	74ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzVpRklEVjMxUDhGbVE1&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs3wAum8vR8lmO7w4VsO-bCDRA-mWHoIy4vCsITScS-ZSFc-VDGoBY64Jv8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 23 Dec 2022 10:33:32 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0902e59d1fecaf133@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RzVpRklEVjMxUDhGbVE1&google_gid=CAESEA95hUDw_CBUeVpLuYbxf3w&google_cver=1&google_push=AavPq0O6e2guS7Su3JX9aRWIyKuEgLs5Ly-lnE426leq8hs3wAum8vR8lmO7w4VsO-bCDRA-mWHoIy4vCsITScS-ZSFc-VDGoBY64Jv8 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame F9A6	70 B 264 B	144ms 59ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAsH2dD8I18bOPRRTjqgRx8&google_cver=1&google_push=AavPq0O7uyLEuzoXrJx1QfNmORdoqUCcJMECvAmUKLaCJBFKiYe-EznMWJ_zVMB099WnV3q0HYk0UoaxRP0ZVsRyGCW5cn_art8W79Y_ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame F9A6 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVW... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPlGl_Oia6u4F9Ync5JLEnM&google_cver=1&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdR... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc0NzUwNjkzMDQxOTA0NDUyNg&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhB...	170 B 188 B	73ms 73ms	Image image/png	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc0NzUwNjkzMDQxOTA0NDUyNg&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVWqtroUGTMuwh9iYpuxS9TVHKl Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc0NzUwNjkzMDQxOTA0NDUyNg&google_push=AavPq0NBD-aMjnj1y06_pBB92ls_0mldLWB2w-DWISuqJRLq_dfIDhpQ31i16thA-Ut4k8I3hdRWhBVWqtroUGTMuwh9iYpuxS9TVHKl access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	dds rtb.openx.net/sync/ Frame F9A6	43 B 64 B	150ms 105ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEOnn5cmPNlRbtiKAmgF0nWQ&google_cver=1&google_push=AavPq0OqQqg2mR4NfU20BAcpWUegwam3QMfZDSu_u62MHYfWgPFL11tYWC2aXjmt6yH3WK2xHSxyCjulsLb1Gr6i8J5Bb4XmR_ELQcME Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 2dlivp1h1nfflpskpa9eo3l86lk43ur2
GET H2	200	report sync.teads.tv/um/ Frame F9A6 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENX9pjZPs2PsTbj0CXEf8Vo&... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0PJ9ItRWI1vTou7CIca8zZRcW-1xi95V2bKin5m9kd8xq7zeAR1LmvD6pDgzu686c9hiX-1y9kF9Z__gJtXxWGonPYkubqX0YTrww https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 172 B	83ms 82ms	Image image/gif	104.96.128.226 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-128-226.deploy.static.akamaitechnologies.com Software akka-http/10.2.9 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers expires Fri, 23 Dec 2022 10:33:33 GMT pragma no-cache date Fri, 23 Dec 2022 10:33:33 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.9 content-length 23 content-type image/gif Redirect headers pragma no-cache date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame F9A6	0 12 B	75ms 71ms	Image text/html	172.217.19.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KY-SfQKJoioF3v3luvW1x62_5xQtoLx_ps-K1pdrxTrSj44mTqYRZpALYavqU_b4btTny6Xg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.19.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS muc03s07-in-f98.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:32 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	frame.html Show response ad4m.at/ Frame 10F8	2 KB 1 KB	60ms 59ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2298498 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 77e0708c1a636951-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Fri, 23 Dec 2022 10:33:32 GMT expires Wed, 26 Oct 2022 23:22:52 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6OE%2Bqd6lfo9rt8e4RXIQeLSTi4NHvZjW0WejtlcUOCqasroXd40osgy4EZt3wZWBF8x9DOABCLH1wtiTGYBSriv81UxaaI5egFdRBPOOsz%2FJvbX88UWaUXqZUX2hJLtX9e37o0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	redir.html Show response p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 642A	247 B 962 B	242ms 84ms	Document text/html	142.251.208.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.208.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s43-in-f3.1e100.net Software sffe / Resource Hash 0286a400b884a062d9c86cadbc1bef09e80f2bcd8d903a9632afdf124e80f82f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 205 content-security-policy-report-only script-src 'nonce-N02sSiA394bSI7EKfHdoIw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:33 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Mon, 02 Dec 2019 20:15:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	200	rs Show response ad4m.at/ Frame 3E31	2 KB 2 KB	74ms 74ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0243e2ab5df5652fc349c90a0ad6f5554d2e99ad7cb9b4ea90508b7009d264c6 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Fri, 23 Dec 2022 10:33:32 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZM6SydCrM61ahAxPXbK94xD%2FuigM70EYzjOqnUoI6HWQ9kt9ACBU%2F7DCX7JKhVAuVe3%2FUgjZUMbta9maie3AWAM0XVdaEsQHn58NXQVF%2BFQxoWBDD4%2BjP1xe6S9Azu5%2Byk54Qto%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 77e0708d0fd0927f-FRA x-backend-server aa-reachservice-group-europe-west1-3b3l alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	64ms 64ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 77e0708caf2a927f-FRA content-length 24 content-type text/plain date Fri, 23 Dec 2022 10:33:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eelEUsL347ZhXIll3AWgemygTaGopFbK3x9fh%2Fnq2Bq%2BVKbmNXcTg6WCFobBdT%2Fj2IHbKdrWtSak8ZDXBQfQTi0ib9QZsppihK9Zx63SPo6innTMz5BZYWxd2maVxXsDWLVzeDY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-3b3l
GET H3	200	rar Show response as.ad4m.at/ad/ Frame BA9C	9 KB 4 KB	61ms 60ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d8bb10588e20358246f74014f217a8b1eec0285a22cd72ec7fd2209a685a4e3 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1kq90m20vjxbjk0s1z3a2hj2b4494ajedsyrjvbbws709m9jpbvbmtdzd8pcq8f5vmdwkyedc2j3rp5xn88rw4337qsrp7jd0ztv2cww7dbcnnx7521sa9p1nqsphadgj4nnybpagn59t7pwpkfh1tzd2yrp7ba0hk9rk35d67trc6zqnnyqhevbhzrcwv0sq03h7y889g22k5jy4853m2hgygyspqf48j87jat5fbkzbdjyfdh09jrcw1snj531s14njv0hn05b0tj8ph0b0gx7ynxbhc4t59fbskdjb2k7w7r54tdf3sw5vpsx0mwtz18sj4e8djsvpmxrrmbmy20v06gq6t8cj64wgcdnbkgtr1vgsvdnd7ykn73kf5hvgqmrt7gzj0m75c32zcvd7fvcag9dv2m5ec5dt1snc8xr2exz42fxg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%26client%3Dca-pub-5928161074779380%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 77e0708d4ccf6951-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:33 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	rar Show response as.ad4m.at/ad/ Frame E34F	11 KB 5 KB	54ms 53ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 522a08c058a37065307f3c4e7a27879a3780479c1521c7097837a2098f7205f6 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1khawnszx2r6mebecgxzkg14mdkn90q5p56h3znna8n99q8xy494742qm7g2p7ynebfsjy3h7p7tfhprbrwa0c9q6ekqj0jnc5epx1m495mkqns3r3bnqnp414r2wctj6rt9fv7z2geg054ws8hhxdysxt6jby1s5fxn07ka4dt3ydvxj611489pjd1kvbydydwz2wr2ksjmffzbsktf27d5tnny8nmtf32fv5yc3wpv35jxq241zfvfgce08ep0yb1g82h1035f4zcf269p18t0gcre7fp3az8sxnhqyadfxyn0v95czs8b7k1w9n4sjnmfv9rfkranm2j3an1trhgpvs0zbhmk1g4dhmk1x16w0jh22jx7a5s1vka9g8v8bevr5pcr12nstqz8dfvbax81tn0azhze4khb28xexkfwkq389e9ve&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%26client%3Dca-pub-5928161074779380%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 77e0708d8d436951-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:33 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	default.css as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BA9C	89 KB 11 KB	51ms 49ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1670930538 age 855979 cf-polished origSize=91628 x-guploader-uploadid ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 13 Dec 2022 11:22:46 GMT server cloudflare etag W/"575def06e70febb0cbd25403e37880bf" vary Accept-Encoding x-goog-generation 1670930566724484 content-type text/css x-goog-hash crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqlkNRCJFe8fzsippEVU8dKrhhPqh8h6JksasVJepnmXD5ki1gFSgoFuy6ei8p9Qo3fCnSB%2FNXFWod2Kc9wa%2Bb28WQr0fxLg14nMbFGglm98vp%2FYbFuiMjEv6pfZA1JeGjfkQGHQlJQ%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 91628 cf-ray 77e0708dcd906951-FRA expires Fri, 23 Dec 2022 11:33:33 GMT
GET H2	200	D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 assets.ad4m.at/logo/ Frame BA9C	53 KB 54 KB	100ms 87ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2472380 cf-polished origFmt=png, origSize=115129 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 54564 cf-bgj imgq:85,h2pri last-modified Tue, 09 Feb 2021 15:11:24 GMT server cloudflare etag "0a277d59efca0369a6983645e273659e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3uwdNs9jUnBL%2FmqZNIWdBt%2FIlanQBFc4WLbdmlBQD9SjemX33YwxYkorVLrTI%2FN5qonq17EG7pQ4R4erkgDcKMP2n2T71blQDLhj1XPAUGVWwDbByyAPDdgVMndX1%2BnkdqObYKAo01Fobe4"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd89a913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875 assets.ad4m.at/product_image/ Frame BA9C	23 KB 23 KB	97ms 88ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 883606 cf-polished qual=85, origFmt=jpeg, origSize=132437 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23154 cf-bgj imgq:85,h2pri last-modified Thu, 09 Dec 2021 17:51:23 GMT server cloudflare etag "c348b177953ac5720836c04e1a21673d" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMY80DMZcm9MlRc9yjd%2BCMSdSnabzcEiVAH%2BrP9cVl%2B7MR%2BUIGhOVL55KyE3JXk8yH%2FUIa1DryVZPGUYtKgsaxGdX%2BQXk1vbKVKwFp8XKghN7lHkLI9b9L%2BQ9uyCyyGuIR8QOFMQA6F2qyxH"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd89e913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H/1.1	200 OK	/ partner.o2online.de/a/ Frame BA9C Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t... https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPS9-InFj_wCFZyXdwodLsQIzQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=... https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...	49 B 1 KB	154ms 53ms	Image image/gif	46.4.41.145 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nonstopads2.sunbonet.de Software nginx/1.10.3 (Ubuntu) / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 10:33:33 GMT X-NODEIP 46.4.41.145 Server nginx/1.10.3 (Ubuntu) RM-PrivacyPolicy https://www.nonstoppartner.net/ Content-Type image/gif P3P policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP" Connection keep-alive Keep-Alive timeout=10 Content-Length 49 Redirect headers location https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122311333379764916039X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218 date Fri, 23 Dec 2022 10:33:33 GMT x-content-type-options nosniff server nginx x-xss-protection 1; mode=block content-type text/html; charset=UTF-8
GET H2	200	DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71 assets.ad4m.at/logo/ Frame BA9C	9 KB 9 KB	95ms 86ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2464298 cf-polished origFmt=png, origSize=24833 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9258 cf-bgj imgq:85,h2pri last-modified Tue, 09 Feb 2021 15:11:57 GMT server cloudflare etag "174bb0dc35647e204b09aa120965604a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwV7emYh%2FjY%2BiyktFEVBnIP1r%2FCj8vgy6%2BfpYgWwkVfip5M9IcFKIsJwZsXnjsNWIuH1Vw3Ed5CFw1IE5V%2Fku6kqx4914BANURwuiBq41Vr6tLpfa7ovG%2BdJ8CyEoa2FCq2w09N9udnLfjJt"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd89c913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020 assets.ad4m.at/product_image/ Frame BA9C	20 KB 20 KB	96ms 87ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 496750 cf-polished qual=85, origFmt=jpeg, origSize=85977 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20094 cf-bgj imgq:85,h2pri last-modified Wed, 16 Nov 2022 16:32:10 GMT server cloudflare etag "115bea0885590f780802fd14548a1cde" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ua7%2FvELSMJdyo%2Bn6H3G1SUwB3VI%2Fwd%2FxMQabC9OwBUvvknLLZGLxuDd2Vgb7SHpnuuk3xXdO8TRn7N%2Bgq9gkQsLun4LV6EO4%2FGvHbLADNIHPGEX%2BWEtIvmepfnAQgPO44y6eBfoZQLAi%2FyUj"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd892913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H/1.1	200 OK	/ partner.blau.de/a/ Frame BA9C Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed... https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CKTB-InFj_wCFRnFdwodlTQLEg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la... https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122311333379764916041X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0	49 B 1 KB	156ms 54ms	Image image/gif	88.99.63.132 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122311333379764916041X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS nonstopads3.sunbonet.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 10:33:33 GMT X-NODEIP 88.99.63.132 Server nginx/1.18.0 (Ubuntu) RM-PrivacyPolicy https://www.nonstoppartner.net/ Content-Type image/gif P3P policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP" Connection keep-alive Keep-Alive timeout=10 Content-Length 49 Redirect headers location https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022122311333379764916041X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0 date Fri, 23 Dec 2022 10:33:33 GMT x-content-type-options nosniff server nginx x-xss-protection 1; mode=block content-type text/html; charset=UTF-8
GET H2	200	CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F assets.ad4m.at/logo/ Frame BA9C	16 KB 16 KB	57ms 49ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 232805 cf-polished origFmt=png, origSize=39979 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15996 cf-bgj imgq:85,h2pri last-modified Wed, 22 Jan 2020 13:07:55 GMT server cloudflare etag "ad9334664514d900a0c3b76d17ca960f" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcXm3rINwa%2Be0GtPe7LqTwNZqpwJaZt9RbWqgH%2FDYWOjpVVwD%2FOKRcaWSQXnFQ1j3719JaxpqOY0RGqOsNCREy%2Fql%2B0LFkwyGdHyLQNPWUMfU9LKg3DBDEk%2BthWIWLr0CiKIaD8o7sk6qIFz"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd896913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C assets.ad4m.at/product_image/ Frame BA9C	222 KB 222 KB	62ms 54ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1748171 cf-polished origFmt=png, origSize=342797 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 226950 cf-bgj imgq:85,h2pri last-modified Wed, 15 Jun 2022 14:01:11 GMT server cloudflare etag "82c7de0f42ff55fdd0acc07731664031" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTkk6N6%2FWrCFRsaqmv747CptDDCCgy%2BNjMRLYd%2F%2BrwJ7EakwbH5T53fRPs6X7S3K9vxx%2BoDqtCsxSjxSa2OcQnKlouHWYkPuE9SXd40AvLbKNAnhbvQvYstai1b2HI%2FAtvnurDc0DUKSr%2Fef"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708dd898913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	ztpv.php www.conrad.de/ Frame BA9C Redirect Chain https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 https://www.conrad.de/ztpv.php?awc=11354_412871_1671791613_3ff5f471-82ad-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent=	0 640 B	219ms 125ms	Image text/html	2606:4700::6812:7f05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.conrad.de/ztpv.php?awc=11354_412871_1671791613_3ff5f471-82ad-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent= Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=2e1aaf7c786f74fe29746ae2b0d194cc%2F1039409449057321061&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612899&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyxsz4jhnw2b1efbynchf2ygaxnm286yspsgawfshxhvdn3p6ewhvmrkk1qnyetj37ccj4c5m33400h66n52cyv5yfx4w1e20cg6b899vy6k11hj65t5cn78k340c2nqj1br4bv8pnthakzxvq8nzarvqxk3scjfmtmc8wjxcppy0prqj65adsjegscjre1h5pg7jfnjq9nrdwb71mgbac1dxrxaay97bgwbmqv2xkmvnsm6dnzvxeha07v6hj9yt6kewz534qtdb823y2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtS3i-4OlY5v_N9LQmwezkpqADZDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSSAk_Q8tZRPy8IRqoi3JaWJRzZ9WhhxzVMooEQJHW2YwzFc6jPYbuXxs9PBTEwUhygib2Wa883MxABIBIUyhzHz0ogMKbb300tMW26M3XnTBvvGxl01f2r19lUsLeMnoQdbrI9xEdyizh6qZMRHDJx5FpCPjhqTE_dEjAtGspkO1TdbxKr-CYn8RrKtFsv2GRUX7FwGUni7usCD-Ehh-GzV6wvpPu82vYrGFPidkKjk7QEj__I7HMXjVGGOOGQlBnme0bnv0uKogKNxc8_PsFSRQzX0tCFWCHIRZBSaHo7JifRTWKNVO4CJ6gPEyoU7p8D-_tsxYuo5TmJMx5FwKMjm3pr17cU0AllFyyKE9H_xsH9EbKABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3hAn4B_ogAv1ahRyebCwCrNcYzfA%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Server 2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT via 1.1 additional-webserver-blue-115j (Varnish/7.2) content-encoding br cf-cache-status DYNAMIC server cloudflare strict-transport-security max-age=15552000 age 0 content-type text/html; charset=UTF-8 p3p policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" x-varnish 377326047 cache-control no-cache cf-ray 77e0708fae02bb4d-FRA expires -1 Redirect headers Date Fri, 23 Dec 2022 10:33:33 GMT Strict-Transport-Security max-age=86400 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://www.conrad.de/ztpv.php?awc=11354_412871_1671791613_3ff5f471-82ad-11ed-b703-22303eeb12d1&insert=AW&&gdpr=0&gdpr_consent= Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 0
GET H3	200	default.css as.ad4m.at/ad/style/0.1.27/one-ad/ Frame E34F	89 KB 11 KB	51ms 50ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1670930538 age 855979 cf-polished origSize=91628 x-guploader-uploadid ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 13 Dec 2022 11:22:46 GMT server cloudflare etag W/"575def06e70febb0cbd25403e37880bf" vary Accept-Encoding x-goog-generation 1670930566724484 content-type text/css x-goog-hash crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n827Bx%2FEic4jxIlbVKQ%2B69xchW%2FsW9TBOVCziIAaob%2Fq7qy%2FQ2IqyxQ7mlulVogIwjdjXmNw5IoqeXE%2Bumlzy8fkA87RIttUxDzcqDdTAavR8nCrYtWPH7dUJRPJ58Kdroj7HjBpY0%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 91628 cf-ray 77e0708dfddd6951-FRA expires Fri, 23 Dec 2022 11:33:33 GMT
GET H2	200	F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772 assets.ad4m.at/logo/ Frame E34F	3 KB 4 KB	77ms 77ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1093679 cf-polished origFmt=png, origSize=11554 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3224 cf-bgj imgq:85,h2pri last-modified Wed, 09 Nov 2022 07:30:35 GMT server cloudflare etag "1ca6a79380ae53c080c2e12b38bdb5eb" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ7VrurMr26G2JIyTkEh%2FALJ0Cvy2ZThFqqqtB2mfBf0aqFXg6wEGyMIdZj2FEk7Qr0uJw88szD5cePzU0jjJ2z7FWM8Ctmjrj0vMJCF2buyy%2BrJnUCbes5GteEUeM2KGx29HDKe01SpI6p2"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708df8c9913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9 assets.ad4m.at/product_image/ Frame E34F	296 KB 296 KB	77ms 76ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1093679 cf-polished origFmt=png, origSize=466926 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 302728 cf-bgj imgq:85,h2pri last-modified Wed, 09 Nov 2022 12:39:43 GMT server cloudflare etag "45f5fed59fc1f13fbebb41146459eb81" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vj3k0XpyitAShvSgyH7Rj4%2BvnL2%2BlW8PoM014aV1%2Fo9GjIwAtfreVBdp9u26%2FE7EcxxFUFXpVsi7BYl3%2FFivak3qKuk4oMCINjENec%2BjU6ccA%2B50YwqbEh09%2FEk3FJv0erNhcvcGY5gHSam9"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708df8d0913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame E34F	8 KB 9 KB	76ms 75ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2105545 cf-polished qual=85, origFmt=jpeg, origSize=16723 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8354 cf-bgj imgq:85,h2pri last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5Z95mH9qKbXr%2BGYlZps9t%2FXyrA7WHbCzj4UhPYsVHHeN83uVKjcocX%2BU2MLbBDcdmM2sMDPnQSDpaOvYhpHGP9s7xJ1jRtu%2FLJQnhpoSjgzbEv7zEKkHPoPn9tTfBlRlYE%2FRIKYWF4qAJnX"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708df8d1913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C assets.ad4m.at/product_image/ Frame E34F	93 KB 94 KB	76ms 75ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2464358 cf-polished origFmt=png, origSize=155400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 95550 cf-bgj imgq:85,h2pri last-modified Thu, 24 Mar 2022 15:45:36 GMT server cloudflare etag "6fddd7204b0a0a403f584248bda12d72" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy7XngbmZbWnucNEKcFVCnxocOExl9YJWVau9o%2FmxTkDDJeyPUCdP7u9%2BchyLzk5H69WcVQelq1seX52c9fajzSjmdxImdfFT7MmP9DE3BsYMBklCtVhtGiOl9zPfZxShqz%2BoZo9pTxHEA9P"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708df8d5913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame E34F Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMXC-InFj_wCFduE_QcdWwADaw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671791613_400efab0-82ad-11ed-b703-22303eeb12d1	0 517 B	131ms 41ms	Image text/plain	87.118.116.9 KEYWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671791613_400efab0-82ad-11ed-b703-22303eeb12d1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS km36617.keymachine.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 23 Dec 2022 10:33:33 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Redirect headers Date Fri, 23 Dec 2022 10:33:33 GMT Strict-Transport-Security max-age=86400 Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1671791613_400efab0-82ad-11ed-b703-22303eeb12d1 Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 0
GET H2	200	A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 assets.ad4m.at/logo/ Frame E34F	2 KB 3 KB	77ms 76ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2469695 cf-polished origFmt=png, origSize=9357 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2330 cf-bgj imgq:85,h2pri last-modified Thu, 08 Apr 2021 14:26:03 GMT server cloudflare etag "8cc161b392f5744da5319a4da549b763" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pMBWWi4DZic4H5Vf8pAAjMcjSt9b16NnbqBDzLATpTrZLUGx0j6ct1O0dgFs%2FPow%2Bin%2BGbZO8oxpUyjeZ0ed4hj8TSRnnNgZuAA5pkkhiRD%2FVKsZUIOKok%2FTmCK9dAyLdXxeKeT2CUcFP46"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708e18f5913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H2	200	B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C assets.ad4m.at/product_image/ Frame E34F	339 KB 340 KB	84ms 83ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2464317 cf-polished origFmt=png, origSize=563367 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 347098 cf-bgj imgq:85,h2pri last-modified Fri, 09 Apr 2021 07:22:09 GMT server cloudflare etag "ff5ac113643d20bec15acfffe32cb75e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oQFvjd2fdw2iTTpZZryHqHXcbwpohvyCKHzMHK2NmgEPJO7JXYFgaFJkEnOFPjxz4I80lUXI8SQqjAvfyY%2FTWXfSe5nUUo6oc%2FCjExZKHrHVPNjMsDujhpxfdfwJA65YmzNghIuMAUIB4gA"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 77e0708e18f7913c-FRA expires Sat, 24 Dec 2022 10:33:33 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame E34F	43 B 702 B	167ms 73ms	Image image/gif	104.87.133.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-87-133-65.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 23 Dec 2022 10:33:33 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H3	200	iframe.html Show response p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 642A	4 KB 2 KB	186ms 83ms	Document text/html	142.251.208.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html Requested by Host: p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com URL: https://p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.208.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s43-in-f3.1e100.net Software sffe / Resource Hash ebdcc25421af29e59748c1bee9c21df60b0db7a6534182cecd2e0746fc297049 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://p4-ezbecgxwpbgvq-5lrw7fx6nkxcku5r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 1861 content-security-policy-report-only script-src 'nonce-ooyTrOstD0_SaiZ3Ml5Y1g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:33 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Thu, 29 Apr 2021 21:38:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	link.html Show response track.webgains.com/ Frame E34F	2 KB 2 KB	293ms 156ms	Script text/html	13.41.118.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jb487a3kv77asrfqstp0a4vemsvyx4vf83ps7sfeca5z7czdd2n0azq47y7xpdsh9e0qbrh6f44szre8xdpwvnqem48cfszmxtb1f1dbkxb9kbb2e9ktg98c2k3h5x2v1w7mvca07aahrcag0xh0mrzz6g3f0h51takqe0ccp6r7478f5ysf4crnyb1bvtqcz63x3qk560htvnk0xwhmmcsrd49bt8azgy0fnzek6tbsgbrnh2ts8hhre924gggzf9gx7r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%252526client%25253Dca-pub-5928161074779380%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.118.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-118-175.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 29881b04f1052f5cb0d1a340bf617d3228bc11dbbdf52a47cd1d7c3f36be3fd0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT last-modified Fri, 23 Dec 2022 10:33:33 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Fri, 23 Dec 2022 10:34:33 GMT
GET H3	200	Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response pagead2.googlesyndication.com/bg/ Frame 9D8C	36 KB 16 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Requested by Host: cybernews.com URL: https://cybernews.com/news/punisher-ransomware-covid-app/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 08:32:27 GMT content-encoding gzip x-content-type-options nosniff age 7266 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15923 x-xss-protection 0 last-modified Mon, 05 Dec 2022 17:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Dec 2023 08:32:27 GMT
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame E34F	85 KB 31 KB	155ms 42ms	Script application/javascript	18.66.147.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jb487a3kv77asrfqstp0a4vemsvyx4vf83ps7sfeca5z7czdd2n0azq47y7xpdsh9e0qbrh6f44szre8xdpwvnqem48cfszmxtb1f1dbkxb9kbb2e9ktg98c2k3h5x2v1w7mvca07aahrcag0xh0mrzz6g3f0h51takqe0ccp6r7478f5ysf4crnyb1bvtqcz63x3qk560htvnk0xwhmmcsrd49bt8azgy0fnzek6tbsgbrnh2ts8hhre924gggzf9gx7r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%252526client%25253Dca-pub-5928161074779380%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-41.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 08:50:11 GMT content-encoding gzip via 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront) last-modified Fri, 09 Dec 2022 10:53:01 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 6203 etag W/"0d5045593d14c9612a5d5576928a5209" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id cQnQsAiL5RBpzwtLvO7BvdQgCUXpZjIRKBEgB1j5SFqV0dpwwQDfwA==
GET H2	200	1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif cdn.track.production.webgains.team/295140/ Frame E34F	19 KB 19 KB	139ms 41ms	Image image/gif	99.86.4.52 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1671791913&Signature=NHnTcM~zTxeLevVM6KLhZYzvSteT0lhQKmaofYfW4Uo2kwWEmnG5PZ5Dqk9aJ4b6muqWiyxgj6bAFHEuzpqk~NSk5BkK-HmQlgJ5-SMPCTqt3NSN3kYs04BGoSPgOrZ2xYz3wm6i8hzSVTSVApud9LkSkWtPoPDF~AdeQypP7L5jSvUCxSqkX-zaQA3iGbqUH5rJhyAVM9XvgFOhtijZ~DuQ-tPWiPTQWkNrugEEpQa1p~1WZcWuGRcqhcvV8Z3qWI~Uv~C7MrDhAtdptKEJmyFvYmxhKCehi~n11h9BSifm-DdXujQbCSvvGN-32yY1M2M6wUnZTdFtgonpjkfwRw__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321034%2C15255%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=160&d=600&e=&g=1652a502261c26c8005fe4852054eff4%2F7978765673418830914&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671791612986&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7jzzdtan5m3ym6yzejwxxc3y4tkk0j2tvk0ymbwcbkb75281w5gb9q45hxjfyyvdg28gd6crc0razqh56ygebnx7cvmzr1tsqx424vt3b6w1h2554f3r0pc4gsapg9bdy7dv3fpxd2x2y14fxk0yhh310k19tmyjxbj4h5td2je3p1ph9ys03ajsyzp7xtbspz4vxayxb89wqj4m6mkn4w9epjcmyfny52z22zfzv3e0sweyszprypm66yjkvpbr2y2xj0qvjh5158aj80%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtZeE-4OlY9j1N5nE1wby9oXwCJDhgYRctqjCivACwI23ARABIABglbKCgpgHggEXY2EtcHViLTU5MjgxNjEwNzQ3NzkzODDIAQmpAgZhoAiUyrE-qAMBqgSMAk_Q4rS3zUMPQBn2JoKcarS9vT1_nQTU4l80yC6SmUESt289_T-mMOnxQBKf-NXzjftUVdaq06iDI3XAGBKnJyzsuGtU0vbGagHR1skWicS_QPUUjuLM5Qz2S5dNHkVZAHTDcEPe7e6sewTYYu_Dpf4sFozQUqggA2d3CINoY_tKpBIuOnWov7rAT6gMQgHvCmk77jVScmXTpbdLcRmvK4FvjKIcM0jaQ4JJLmjwbTm5yiYJH92JooNA2inaFbENXr56ZwIyAyXE5PDEMOLNBXAT1knkrER6mZtpZaFXqOe6fWVNMx_Pd2A0W3vZVK2VAp2u1bJAs7iFvjowWcGx21ZadI_AIleJvBK12ZCABvD2-Zjth-ymvgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2VSW8388K-XbSWIPTs52mq0AohIw%2526client%253Dca-pub-5928161074779380%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-52.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id null date Thu, 22 Dec 2022 18:10:43 GMT via 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront) last-modified Mon, 01 Aug 2022 11:49:48 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 58971 etag "c8717f93a87217b1c114134b189e2ca0" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 19052 x-amz-cf-id qABwnguxzmUTRTMsuhMlx11inOw_rANUDyI2D_9_9t2Hne1Q62MOUQ==
GET H2	200	web Show response onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/	3 KB 2 KB	65ms 50ms	Script text/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 972333c751d7a8ddb042612b3ff5377e0673f4e09daa2693ae134479642829f1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains age 2209 cf-polished origSize=3367 status 200 OK x-envoy-upstream-service-time 28 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 9d01811c-4daa-4229-ab70-07c02f499c7d x-runtime 0.026408 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"1683b58677887036332ead7118c660b9" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 77e070929a448fe6-FRA access-control-allow-headers SDK-Version expires Fri, 23 Dec 2022 11:33:33 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	163ms 87ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ffd1a0012888b4438d7b435a8a3e3d2366e94efe34a629adbc67f02446f73e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11332 x-xss-protection 0
GET H3	200	search-1faa9f3c50.js Show response cybernews.com/js/	7 KB 3 KB	91ms 91ms	Script application/javascript	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cybernews.com/js/search-1faa9f3c50.js Requested by Host: cybernews.com URL: https://cybernews.com/js/base-9bd202b6a2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd18e580f1b05148dca60e92c451082e01a0b7b45daeb99aa5d17697a943acd8 Security Headers Name Value Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br content-security-policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; age 3862 cf-polished origSize=6862 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 19 Dec 2022 10:22:19 GMT cf-bgj minify server cloudflare etag W/"63a03b5b-1ace" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=14400 cf-ray 77e070928fa5bbcd-FRA expires Fri, 23 Dec 2022 14:33:33 GMT
GET H3	200	links-bar-38419dbcbf.js Show response cybernews.com/js/	1 KB 2 KB	78ms 77ms	Script application/javascript	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cybernews.com/js/links-bar-38419dbcbf.js Requested by Host: cybernews.com URL: https://cybernews.com/js/base-9bd202b6a2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c949a584646de3f29fbbf249be2b124614a4a3407b79edc0c9ab13f67172bc3 Security Headers Name Value Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br content-security-policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; age 2346 cf-polished origSize=1415 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 19 Dec 2022 10:22:19 GMT cf-bgj minify server cloudflare etag W/"63a03b5b-587" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=14400 cf-ray 77e070928fa9bbcd-FRA expires Fri, 23 Dec 2022 14:33:33 GMT
GET H3	200	scroll-up-703df50bb8.js Show response cybernews.com/js/	510 B 1 KB	71ms 71ms	Script application/javascript	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cybernews.com/js/scroll-up-703df50bb8.js Requested by Host: cybernews.com URL: https://cybernews.com/js/base-9bd202b6a2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4007eabc93dc10a06020c1e2835213fa0dfc50de0bbdd4cb94b3f3a7aadf82e4 Security Headers Name Value Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br content-security-policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests; age 2897 cf-polished origSize=511 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Mon, 19 Dec 2022 10:22:19 GMT cf-bgj minify server cloudflare etag W/"63a03b5b-1ff" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=14400 cf-ray 77e070928fbbbbcd-FRA expires Fri, 23 Dec 2022 14:33:33 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	51ms 51ms	Image image/gif	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=996177032&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fpunisher-ransomware-covid-app%2F&ul=en-us&de=UTF-8&dt=Punisher%20ransomware%20disguises%20as%20a%20COVID%20tracking%20app%20%7C%20Cybernews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fnews%2Fpunisher-ransomware-covid-app%2F&el=25%25&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=105992210.1671791610&tid=UA-149779697-1&_gid=1071015071.1671791612&cd1=Jurgita%20Lapienyt%C4%97&cd2=News&cd3=Editorial&gtm=2wgbu0KMWQ6GT&cg1=News&cg2=Editorial&cd6=2022-12-23T10%3A33%3A33.831Z&z=1792165137 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 23 Dec 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 28262 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	Punisherransomware.jpg media.cybernews.com/2022/11/	73 KB 74 KB	769ms 769ms	Image image/jpeg	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/2022/11/Punisherransomware.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2aadc012797705b8882202b6bd80b9d5d2cc7d841d4c2d0d59064bc931e5801 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 ea89c67081222c8c680e7a37ad75f4f0.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop HAM50-C2 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 74884 last-modified Mon, 28 Nov 2022 09:36:12 GMT server cloudflare etag "1e9c6e2863066dd1416303f4056ad5a1" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=15780000 accept-ranges bytes cf-ray 77e070928fbcbbcd-FRA x-amz-cf-id Q8iyUdvDO1b7ZSHtFW32fyH9pqkLSLEsH6NAatuNGX1sq-3FT5bV0g== expires Sat, 24 Jun 2023 01:53:34 GMT
GET H3	200	Hikvisioncamera.jpg media.cybernews.com/images/thumbnail_small/2022/12/	4 KB 4 KB	80ms 80ms	Image image/avif	2606:4700:3108::ac42:2bc5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.cybernews.com/images/thumbnail_small/2022/12/Hikvisioncamera.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6196ff17f07d07e5fdbb9f1ad431ecb4064cffd03c795486ca2f9ee0de0f39b Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront) cf-cache-status HIT x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3642 cf-resized internal=ok/h q=0 n=11 c=4+50 v=2022.12.3 l=3642 last-modified Tue, 13 Dec 2022 10:06:33 GMT cf-bgj imgq:90,h2pri server cloudflare etag "cf5c4gDAT4RIXkPiQZr0B9Who_8iFZYhIqdjUqgfspDQ:1b268424ef2f94761592abc2b1181dca" vary Accept, Accept-Encoding content-type image/avif cache-control max-age=15780000 accept-ranges bytes cf-ray 77e070928fbdbbcd-FRA
GET H3	200	OneSignalSDKStyles.css onesignal.com/sdks/	82 KB 9 KB	49ms 48ms	Stylesheet text/css	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:33 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1542 etag W/"4e9aaefffd5f8ae7dc83361aa2294190" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 77e070930bb89bbf-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sun, 22 Jan 2023 10:33:33 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com&bust=31071167 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 23 Dec 2022 10:33:34 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 827B	13 KB 5 KB	38ms 37ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3205 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 09:40:09 GMT expires Sat, 23 Dec 2023 09:40:09 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 094C	783 B 534 B	48ms 46ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 646426efac11fa1bf45a9da54e165afb3ffc611ca99080a1db2d70fcd2f827bd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-m8Yo0OepqWTQ4Iu37Ldqyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-m8Yo0OepqWTQ4Iu37Ldqyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 10:33:34 GMT expires Fri, 23 Dec 2022 10:33:34 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response pagead2.googlesyndication.com/bg/ Frame 827B	36 KB 16 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 08:32:27 GMT content-encoding gzip x-content-type-options nosniff age 7267 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15923 x-xss-protection 0 last-modified Mon, 05 Dec 2022 17:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Dec 2023 08:32:27 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 094C	0 0	70ms 70ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3014886166434204&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
POST H2	200	tracking-event Show response api.webgains.io/ Frame E34F	16 B 232 B	81ms 81ms	Fetch application/json	3.11.196.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-11-196-201.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Fri, 23 Dec 2022 10:33:34 GMT x-content-type-options nosniff server nginx x-powered-by PHP/7.4.26 x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	156ms 45ms	Preflight	3.11.196.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-11-196-201.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Fri, 23 Dec 2022 10:33:34 GMT server nginx
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 827B	0 11 B	37ms 37ms	Image text/plain	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?93llPQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 10:33:34 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	84ms 81ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3014886166434204&bg=!p6SlpODNAAYgquz3AKo7ACkAdvg8WhbwRmyYgjmHN8US1ROE7yCnlQaMQY04CBoDWFujPxlBwgVC3QIAAABpUgAAAANoAQeZArN6w8xYrrc4WPWQN6uq6KrNMHW_WP8Qp-F5JUkRKQAZle9T_lBKfkAUlwBVB3mZRfZzDlS3-oiO0gVlVcTdomZ9G6XS3DitgceIXGteLMKEacgFqZxH7OoO2iMBMV5WAyMDi8pvu1ofT051ilts_Jm4fTq0gJvsjtiQ8Maf181VZri606IL8INLDR0CwoH8vDMZX3J-aAiP3ALbATkMF_-rYQ5cE3YVvSd1STH7nR1MIFdEfjv2xFodMwaScmoLyTJfYtJQbM5IeuaY-AmQKZwKZXPle7Hex3OV3L1BB6fxCyyla5GdPyokTzpH_KGej-Sx-7oKGLNT5PcNMkRpSRVxtd3K0pqJl-mNo_qbfTPwQG2pqcmstdoIB_CemoEYoS4eKldkBGag2lBgBv1aqanN08FR6gll8wgPqhtax_r3daw1ceJW6MrI9WmRi9cwPorTrwZ9eKpmekAb6oc6UCiN6abnQVawRZXATFo1Ogt7UzLs_Q_Ux0bnGIm5EtUIm9jeCCPgwFfVqHvXTq_CthQ706NRzOUogojYNf_PjET5p3R8qbF76gTTVB4PiObpDZ1N23Jo01OxOHf0NS7R3FDfy_IcsEOwSqcL4vL2BasgoUPNS51lugcDaX15J_IZMXAVAMD5LUovagkMNRq7ZQ_LgFGEvfU0qnLaLMc8YDsmgTD3nM0Q1WRILfI7cYEXCqyanz4JL_FhSeymPebfw9qAar7Q_TIe5ZSYlm1SLPSBi3Ykyaijyn1sudhW4UQjhkmO5_kqchfS7-YjdLuTSyEFtqFa2Sa3he6-wEGuTUdW5kGcSAPYGZKh6UGzThumpQ4XvnmIBSWiFEvRcZHTsMFIq-ST5iHdfB29z9NK_5Wpz8egIzLri7PdVaIi3WOLVq1I9izJ7OyocjfRNGJiGQGKlbDI Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers